Contenu connexe Similaire à Cybercrime - View and perceptions from EU citizens (20) Plus de Gabriella Bergaglio (20) Cybercrime - View and perceptions from EU citizens2. © 2012 TNS2 3Cyber crime
Introduction
Cyber crime costs the UK an estimated £27bn per year, of
which £3.1bn affects the population directly. The remainder:
mostly IP theft, industrial espionage and extortion, is a cost
to business. The Government too is not immune, tax and
benefit fraud is an issue.
The cost of financial losses and time puts
cyber crime far ahead of narcotics in the
worldwide criminal industry league.
Cyber crime will increase. Growth of online
commerce creates more opportunity for
thieves, for whom cyber crime is low risk and
high reward. Penetration of smartphones is
increasing rapidly and we are on the cusp of
a boom in m-commerce. Criminals have
begun to target mobile phones, and we
can expect these to become a focus of
future attacks.
Britons are confident using the internet
and, relative to most EU countries, we are
comfortable buying goods and services
online. We are aware of cyber crime and
concerned that it may affect us. Most of us
will know someone who has been affected.
But despite this we remain blasé about
online security.
Eurobarometer research – the research was
conducted by TNS Opinion & Social across
the 27 EU member states in March 2012.
26,593 face-to-face at home interviews
were conducted.
3. © 2012 TNS4 5Cyber crime
Growth in online transactions is receiving
a boost from m-commerce. According to
IMRG CapGemini, m-commerce is currently
growing at 320% per annum (Jan-May
2012). The UK’s high penetration of
smartphones is helping drive retail business.
*Eurobarometer Cyber Security report July 2012 /
TNS Opinion Social. Base: all adults online
The UK has embraced online
UK consumers have embraced online.
A 2012 Eurobarometer study by TNS Opinion
Social shows that 78% of UK adults use
the internet and 63% of all adults use it
several times a day. It is a place to shop,
socialise and bank – as well as read the news
and play games.
Online activities UK
%
Email Buying Banking SellingSocial
network
Buy goods services online
Eurobarometer Cyber Security report July 2012 /
TNS Opinion Social. Base: all adults online
74%
of adults
Britons use the internet more than other
EU countries, particularly for buying goods
and services.
This translates into online sales. IMRG
CapGemini estimates that 17% of UK retail
sales are online. Online sales are expected to
increase to £77bn this year, up 14%. As we
become more comfortable shopping online
we can expect this area to grow strongly for
the foreseeable future.
Smartphone internet access*
42%
of adults
24%
of adults
UK EU
Online retail sales UK
£bn
2011 2012 (estimated)2010
59
68
77
50
55
75
70
65
60
IMRG CapGemini eRetail Sales Index
UK
53%
of adults
EU
86
74
57 55
24
4. © 2012 TNS6 7Cyber crime
Are we too confident?
EU
UK 51% 71% 68%
27% 45% 44%
Confidence levels are even higher for those
using tablets and smartphones to access the
internet, reflecting greater confidence and
competence amongst early(ish) adopters
of new technologies.
Eurobarometer Cyber Security report July 2012 /
TNS Opinion Social. Base: all adults online
Unsurprisingly, there is a strong correlation
at the country level between feeling
confident online, awareness of cyber crime
and using online services.
Britons are ahead of many of their European
counterparts in terms of confidence online.
Confident in my ability to use the
internet for things like online banking
or buying things online (%)
82
69
38
58
EU
UK
EU
UK
Feel well informed about the risks
of cyber crime
51 35 23
20 11 9
UK
Netherlands
Germany
France
Italy Spain
Very confident in my ability to use the
internet for things like online banking
or buying things online (%)
Eurobarometer Cyber Security report July 2012 /
TNS Opinion Social. Base: all adults online
Confidence remains high even when
compared to other large developed
economies.
‘Very confident’ in my ability to use the internet for things like online banking
or buying things online
Any device
(inc. desktop / laptop / netbook)
Tablets Smartphones
5. © 2012 TNS8 9Cyber crime
49% 51%Have not installed anti-virus
software
Don’t use different passwords
for different sites
EU UK
Our confidence may be misplaced. We are
somewhat blasé about our online security.
Open emails from people
I don’t know 57% 62%
75% 69%
Haven’t changed online banking
password in last 12 months. 81% 70% Contrast actual consumer behaviour – most
of us don’t use different passwords for
different sites – with the best practice advice
from Symantec, the online security company,
who recommend that passwords are a mix
of letters and numbers and should be
changed often.
Symantec suggest passwords do not consist
of words from the dictionary and that the
same passwords shouldn’t be used for
multiple applications or websites. Instead
complex passwords (upper/lowercase and
punctuation) or passphrases are to be used.
Source: Internet security and threats report,
Symantec April 2012
Eurobarometer Cyber Security report July 2012 /
TNS Opinion Social. Base: all EU adults online /
UK adults online
Our confidence is misplaced
75%
66%
65%
69%
Our false sense of security appears to stem from inertia or fatalism, rather
than a lack of awareness or indifference to the risk of online crime.
Inertia not indifference
Agree the risk of becoming a victim of cyber
crime has increased in the past year
Concerned that online information is not
kept secure by public authorities
Believe risk of becoming a victim of cyber
crime has increased in the past year
Concerned that online information is not kept
secure by web sites
Eurobarometer Cyber Security report July 2012 /
TNS Opinion Social. Base: all UK adults online
6. © 2012 TNS10 11Cyber crime
Thieves follow the money
Received fraudulent emails asking for
money / bank or payment details
Identity theft: stealing personal data and
shopping under your name
Online fraud where goods purchased
were not delivered or counterfeit
Misplaced confidence matters because cyber
crime is not just something that happens to
other people.
Many of us are unwitting participants in
criminal activity. A recent study by Professor
van Eeten of Delft University of Technology
estimated that over 1 million UK computers
play host to botnets, sending out millions of
spam messages.
Cybercriminals have opened a new front in
their battle to infect computers with malware
- PC production lines.*
Microsoft discovered four factory fresh PCs
that were pre-infected with malware. The
criminals behind the malicious program had
exploited insecure supply chains to get viruses
installed in counterfeit software some Chinese
PC makers were installing on computers as
they were being built.
Nitol was the most pernicious of the viruses
Microsoft caught because, as soon as the
computer was turned on, it tried to contact
the command and control system set up by
Nitol’s makers to steal personal details to help
criminals plunder online bank accounts.
Use any device to connect to internet
Use smartphones to connect to internet
In particular, we are concerned over security
of online payments and the misuse of our
personal data.
Those using a smartphone to access the
internet are no more concerned, even though
it would be unusual for a smartphone to
have the same level of security as a PC.
Eurobarometer Cyber Security report July 2012 / TNS
Opinion Social. Base: all UK adults online
Concerned about security
of payments online
Concerned about misuse
of personal data
UK 56% 43%
EU 38% 40%
Concerned about security
of payments online
Concerned about misuse
of personal data
UK 55% 40%
EU 42% 43%
12%
16%
52%
*Source bbc.co.uk 13 September 2012 / Eurobarometer
7. © 2012 TNS12 13Cyber crime
M-commerce is about to accelerate rapidly,
helped by NFC technology that turns phones
into mobile wallets and by the imminent
arrival of 4G, which will bring online
broadband speeds to your smartphone.
A recent prediction sees m-commerce
growing fourteen-fold across the next
9 years to reach £20bn.
The take-off of m-commerce will require
a greater degree of security. But first
the consumer will need to be educated,
and probably pushed. Even amongst
smartphone owners who are relatively
sophisticated users of the internet and more
aware of cyber crime, security remains poor.
Most people do not change their password
regularly on sites where they are entering
financially sensitive data. There is little public
awareness of the threat to smartphones and
few people install security.
21%
37%
Online shopping
Smartphone users who changed their
password to online services in last
12 months
Online banking
31%
43%
EU UK
2011 2016 2021
0
5
10
15
20
1.35
5.82
19.26
Smartphones are the next target
Cyber criminals are already targeting mobile
phones, principally with a Trojan virus that sends
SMS messages from phones to a premium
number. But it is getting more serious and
always-on, internet-connected smartphones
are a ripe target. In December 2011 alone,
Kaspersky Labs (online security company)
discovered 1000 new Trojans targeting
smartphones; more smartphone viruses than
were picked up in the previous 8 years.
Kaspersky sees the threat to smartphones
escalating rapidly. The attraction is obvious.
A further 28% are
interested in using their
mobile for banking
31% Already use their
mobile for banking
Over half of UK mobile phone owners have
a smartphone and penetration is increasing
as prices continue to fall.
Smartphones are increasingly used for
commercial transactions. 31% of mobile
phone users use their phone for mobile
banking and a further 28% say they
would be interested in doing so. Although
shopping via a mobile has yet to fully take
off, there is a strong supplier push from
financial institutions and a handful of
retailers eager to develop the market.
Source: TNS Mobile Life 2012 / TNS Opinion Social
Base: mobile users / UK
Source: Ebay submission to Ofcom 2011
Eurobarometer Cyber Security report July 2012 /
TNS Opinion Social. Base: all adults online
EU UK
UK m-commerce growth
£bn
8. © 2012 TNS14 15Cyber crime
The cost to business
It is principally larger companies that will be
targeted by cyber crime.
The type of business determines the nature
of the vulnerability. IP theft will be an issue
for companies with a substantial scientific
input: Pharmaceutical, Engineering and
Defence companies for example. Theft of
customer data is a risk for utility companies
and financial services companies. Even for
companies with a less obvious vulnerability
there may be the threat of counterfeiting or
extortion based on denial of service attacks
or threat of disclosure of stolen data.
In a 2011 report issued by the Cabinet
Office*, it was estimated that cyber crime
costs the UK £27bn each year. Most of this
cost falls on business from the theft of IP,
which is estimated at £9.2bn per annum and
from industrial espionage £7.6bn. There are
also costs for Government through money
laundering and attacks on the benefit system
and for the public who, it is estimated, lose
£3.1bn per annum to cyber crime.
Worldwide the cost of cyber crime in
terms of financial losses and time has been
estimated at £240bn per annum
(source: Symantec).
The consumer cost
Every day inboxes fill with millions of
fraudulent emails inviting us to click on a
toxic link or offering us millions won in an
overseas lottery. Clearly not everyone finds
the dishonesty transparent. This is low risk,
high reward criminality.
At the more sophisticated end, an Essex
based gang was prosecuted for stealing log-
in details from 600 UK bank accounts using
Zeus Trojan malware to exploit weak security
on individuals’ computers. They were making
£2m a month – and it was all coordinated
from a single laptop.
Identity theft
£1.7bn
Online fraud
£1.4bn
Scareware and fake anti-virus
£30m
The Cabinet Office report puts a cost to this:
Cyber crime: consumer economic impact*
The cost of cyber crime
to the UK is £27bn
*The cost of Cyber crime, 2011 (to the UK) – a report by
Deltica and the Office of Cyber Security on behalf of the
Cabinet Office
Total
£3.1bn
9. © 2012 TNS16 17Cyber crime
At its most sophisticated, the cyber criminals
may be agencies of foreign governments
seeking political, economic or military
advantage. A recent example is the stuxnet
worm that allows the perpetrator to
control the operation of another country’s
infrastructure.
Large organised crime may be involved in
money laundering or insider dealing on
stolen information on forthcoming MA
deals. Inevitably some rogue companies
will be involved in IP theft – although quite
possibly through a third party.
There are also innumerable opportunistic
criminals targeting citizens and companies
with small scams, identity fraud, customer
data theft and extortion.
The Cabinet Office report into cyber crime
predicts that cyber crime will grow because
it is a low risk criminal activity with high
rewards and no physical assets to sell on.
Targeted attacks on businesses are common.
While 42% of the mailboxes targeted for
attack are high-level executives, senior
managers and people in RD, the majority
of targets were people without direct access
to confidential information. For example,
people in HR who are used to getting email
attachments such as CVs from strangers.
Source: Internet security threat report, Symantec April 2012
Who are the cyber criminals?
£ 198.205.156.154 £
2
4
5
4
3
5
4
8
9
4
3
5
4
5
4
4
3
4
5
3
4
£ 198.205.156.154 £
2
4
5
4
3
5
4
8
9
4
3
5
4
5
4
4
3
4
5
3
4
£ 198.205.156.154 £
2
4
5
4
3
5
4
8
9
4
3
5
4
5
4
4
3
4
5
3
4
£ 198.205.156.154 £
2
4
5
4
3
5
4
8
9
4
3
5
4
5
4
4
3
4
5
3
4
£ 198.205.156.154 £
2
4
5
4
3
5
4
8
9
4
3
5
4
5
4
4
3
4
5
3
4
The Cabinet Office report puts a cost to this:
Cyber crime: cost to UK business*
* The cost of Cyber crime, 2011 (to the UK) – a report by
Deltica and the Office of Cyber Security on behalf of
the Cabinet Office
Risks are not going away. Social networking
creates greater connectivity, which makes
it easier to spread malware. The blurring of
home and office can also lead to problems
every time a worker uses a home laptop at
work or brings the office laptop home for
their own activities.
IP theft
£9.2bn
Industrial espionage
£7.6bn
Extortion
£2.2bn
Total
£21bn
Direct online theft
£1.3bn
Loss or theft of customer data
£1bn
Case study
In 2011, 29 chemical companies were
targeted with emails that appeared
to be meeting invitations from known
suppliers.
These emails installed a backdoor
trojan intent on stealing intellectual
property such as designs and
formulae.
Source: Internet security threat report,
Symantec April 2012
10. © 2012 TNS18 19Cyber crime
How TNS can help
Cybercrime is a fast-growing and evolving economy with a
turnover on a par with Denmark. Experience tells us that,
for the most part, consumers’ response to this mutating
threat will be neither uniform nor timely. This most obviously
affects manufacturers of smartphones and pcs, banks and
credit card companies. But it also impacts on any company
involved in online commerce and that includes most retailers
and much of the service sector.
Companies’ own interests will benefit from
improving consumers’ online confidence and
security, whether that is through the sale
of cyber-secure smartphones or increasing
awareness of fraudulent emails and malware.
With a presence in over 80 countries, TNS
has more conversations with the world’s
consumers than anyone else and understands
individual human behaviours and attitudes
across every cultural, economic and political
region of the world. Our breadth and depth
of resource around the world means that
TNS has the expertise to help businesses
understand the diversity of consumers’ online
behaviour and attitudes to cybercrime.
Eurobarometer research – the research was conducted
by TNS Opinion Social across the 27 EU member states
in March 2012. 26,593 face-to-face at home interviews
were conducted.
11. TNS
6 More London Place
London SE1 2QY
United Kingdom
t +44 (0)20 7656 5294
www.tnsglobal.com
Twitter: @tns_uk
About TNS UK
TNS UK are part of TNS Global, the world’s biggest research company.
TNS delivers precise plans to help our clients grow.
Whatever your challenge TNS UK can help:
n Innovation Product Development
n Brand Communications
n Retail Shopper
n Stakeholder Management
n Qualitative
n Automotive
About Eurobarometer
TNS Opinion Social, conducts approximately eight Eurobarometer surveys a
year, on behalf of the European Commission. These surveys cover the population
of the respective nationalities of the European Union Member States, resident in
each of the Member States and aged 15 years and over.
Certain waves of research also involve surveys conducted in the six candidate
countries (Croatia, Turkey, the Former Yugoslav Republic of Macedonia, Iceland,
Montenegro and Serbia), the Turkish Cypriot Community, and Norway.
A representative sample of 1.000 people is interviewed in each country (1500
in Germany; 1300 in the UK; 500 in Luxembourg, the Republic of Cyprus, the
Turkish Cypriot Community, Iceland and Malta).
In this series:
n Cyber crime
n Financial services
n Environment climate change