Criminals are making a 1,425% return on their investment from malware attacks.
This means that if they invested $5,900 for exploit kit and ransomware schemes then they would receive $84,100 in net revenue.
Cybercrime does pay. At least according to Trustwave’s Global Security Report which also highlights that 98% of applications tested in 2014 had at least one vulnerability, with one application found to have 747 security flaws.
Other findings include "Password1" being the most commonly used password and that 39% of passwords were eight characters long, which only took the company a day to crack, with a ten character password taking 591 days.
Criminals were most commonly breaking in through weak remote access security and weak passwords and once a breach was made 81% did not detect it themselves.
George Quigley, partner, cybersecurity practice, KPMG, said: "We have noticed an increased threat from ransomware over the last few months. More and more companies are being targeted and the level of time and resource spent on dealing with it is increasing.
"It’s important that people realise that this threat is real and that it exists because of two factors. The first is that the expertise can be bought, you don’t need to be an expert to do this. The second is that the economics make it more than viable.
"Companies should revisit their risk assessments in light of this and make sure that they are still appropriate. Remember that dealing with this will require a mixture of training and awareness and a security aware culture in addition to technology measures."
America was found to be the most popular target and retail was found to be the most vulnerable, making up 43% of those compromised.
Unsurprisingly card track data was the most popular target (31%) and attackers sought either financial credentials or proprietary information 20% of the time.
