Unpacking the Economics of Data Breaches - From the Hackers' Point of View
According to IT Governance, over 57 million records were exposed worldwide in data breaches in January of this year alone. The attacks are far from slowing down, but with the help of Palo Alto Networks and Ponemon’s most recent report, we are learning more about how hackers work, who they target and why.
A survey of over 300 threat experts found that 69% are motivated purely by money, versus reputation or other non-economic incentives. While many hope for a large payout, this survey revealed that on average, hackers receive $28,744 for approximately 705 hours spent on attacks.
Each successful attack nets hackers nearly $15,000, but only 42% of attacks are ever successful.
The Effort Required
Attackers put forth an average of 209 hours of effort before quitting. Unsurprisingly, the effort required varies drastically based on the IT security infrastructure of the targeted organization. A “typical” IT security infrastructure usually requires about 70 hours of effort, versus 147 hours required against “excellent” infrastructure. Drawing from previous research, Ponemon assumes that 80% of all attacks are against organizations with typical security, and the remaining 20% against companies with excellent infrastructure.
Attackers are benefitting from more intelligent and automated tools, which 68% of those surveyed said are making it much easier for them to execute successful attacks. These tools average out at approximately $1,367 annually, netting hackers a compensation/return of $28,744.
The majority of respondents noted a decrease in both the time and money required to execute a successful attack. They cited an increased number of known exploits and vulnerabilities as the number one reason, with improved skills as a hacker and improved hacking tools rounding out the top three.
When They Call it Quits
As mentioned above, most attacks require at least 70 hours of work to get through, but efforts are often delayed by organizations’ various resources and tools meant to thwart attacks. Ultimately, “time is the enemy of a hacker.” The more time that passes before an attack can be executed, and the more delays a hacker encounters, the less likely they are to succeed.
A delay of 20 hours, for example, can thwart 36% of attacks. A delay of 40 hours can delay 60% of hackers.
While many organizations are intimidated by the array of security tools available, nearly half of respondents felt that most hackers could be defeated with “common-sense controls.”
The other method cited as the most likely way to prevent attacks is something that all businesses should be taking part in right now - intelligence sharing with peers.
Rippleshot’s technology - whether for issuers or merchants - is rooted in the power of intelligence sharing. Our consortium data set ensures the fastest levels of detection available, because we’re employing the voices of many, instead of just a few.