Norton: Nearly 1 Billion Cybercrime Victims in 2017

A Symantec Norton survey released this month estimated that close to 1 billion people were affected by cybercrime in 2017.

Norton's exact figure is 978 million people, determined from a mammoth survey of 21,549 people in 20 countries (counting China and Hong Kong as separate countries) that was conducted in October. To reach such a massive number, Norton took an expansive view of cybercrime. Respondents were counted as victims if they answered that they had been hit by any of 20 different types of cybercrime.

Some were serious financial problems with quantifiable monetary costs, such as experiencing a ransomware attack, experiencing credit or debit card fraud, making an online purchase that turned out to be a scam, falling for a technical support scam, or losing a job or a promotion due to a social media posting that the victim did not post.

Others were serious problems that could lead to, but didn't necessarily involve, direct financial damages, such as being notified that your personal information was involved in a data breach, having an account password compromised, being a victim of identity theft, having a device infected by a virus or other security threat, having payment information stolen from a phone, clicking on a phishing e-mail or having financial information compromised from shopping online.

Also included were thorny situations that probably wouldn't lead to direct financial damages, but could take a lot of time and effort to fix. That category included unusual activity or unauthorized access to home Wi-Fi networks, social media accounts, e-mail accounts or smart home devices; location-based information being accessed without permission; having a child suffer online bullying; or having a child's online activity compromise the family's security.

By incident type, the biggest problem was malware infections, which were experienced by 36 percent of respondents. Malware was followed by password compromises at 18 percent, credit/debit card fraud at 17 percent, personal information compromised in a data breach at 16 percent, and unauthorized hacks of e-mail or social networking accounts at 16 percent.

The Norton survey's overall victim estimate, while large, passes the smell test. In fact, it could be conservative. After all, Yahoo revealed in October 2017 -- the same month that the Norton survey was conducted -- that 3 billion user accounts were impacted in a previously reported 2013 data breach that the company had originally thought affected 1 billion users. That total had to include a large percentage of system accounts tied to organizational departments or job roles, as well as multiple accounts tied to individual users, but still -- it's a lot of people.

The Norton survey comes at the question from a different angle, by having users report their own incidents. And that 978-million-victim estimate is an eye-opening figure. Norton estimated that the total population of the countries studied was 3.1 billion, meaning nearly a third of all the people in those countries were hit. The report further estimates that the online population in the study's geographies was 1.8 billion, putting victims at 54 percent.

In other words, more online denizens were hit by cybercrime in 2017, than were not.

Posted by Scott Bekker on 01/29/2018 at 8:42 AM