Costs of cybercrime have soared to $280 billion this year

12 December 2016

Cybercrime is increasingly affecting global businesses, a new report finds. Total costs to businesses have soared to around $280 billion, with damage to reputation, management time and customer loss / churn the primary impacts of cyber attacks. Extortion too is on the rise, with 95% of companies still falling prey to poor training and practices of staff.

The impact of cybercrime is becoming increasingly prominent to businesses and people across the globe. The Sony hack was paraded through the global news media, while the hack of Yahoo saw more than 500 million peoples' details find their way into the hands of hackers. The scale, and potential fallout, from attacks, remains large. In a new report from Grant Thornton, which involved a survey of 2,500 business in 36 economies worldwide, the firm explores the damages done to companies as well as kinds of attacks currently impacting businesses. 

Cyber crime rises to $280 billion damages to business

The persistent threat of cybercrime continues to rise – the consultancy firm estimates that the global total cost of cyber-attacks on businesses stood at $280 billion in 2016, while the number of affected businesses increased 6% on last year to 21% of the sample (the number is likely higher as many businesses may not know that they have been penetrated or are not disclosing the facts).

Impact of cyber-attack

‘Loss of reputation’ was the primary cited impact of a cyber-attack by 29% of respondents.’ Management time’ takes the second spot, cited by 26% of respondents, while 16.4% of respondents say that it results in ‘customer loss or churn’. Clean-up costs are cited by 12% as the primary impact, while ‘direct loss of turnover’ takes the number five spot. A loss of ‘competitiveness’ and ‘changing behaviour change’ are the least cited, at 3.6% and 3.1% respectively.

Cyber insurance, touted to be one of the fastest growing crisis insurance segments, remains relatively underutilized, 52% do not have such insurance, 35% do, while 13% are not aware of possible coverage. The industry itself remains in its nascent stages, with vendors still devising the best way to protect companies, particularly large companies.

Cyber-attacks by region or country grouping

Different regions have considerably different profiles, in terms of the most common cyber-attacks to affect the region. Africa, for instance, predominantly incurs ‘monetary theft’, at around 31% of attacks, the APAC region commonly contends with 'IP theft’, as cited by 30.2%. Eastern Europe and Western Europe predominantly suffer ‘damage to infrastructure’, at 41.5% and 31.4% respectively. Latin America tends to incur attacks on ‘critical business information’.

The infiltration, according to analysis by the firm – as well as wider industry analysis – tends to stem from bad habits from key employees, all the way up to the top of businesses. These habits, which may stem from improper training, to disengaged staff, are implicated in up to 95% of attacks.

FBI director James Comey, remarks, “The internet is like the most dangerous parking lot imaginable. If you were crossing it late at night, your entire sense of danger would be heightened. You'd know where you were going. You'd walk quickly. You would look for light. But folks are wandering around that proverbial parking lot all day long, without giving a thought to whose attachments they're opening, what sites they're visiting. And that makes it easy for the bad guys.”

Extortion by region and industry

The research also considered the increased incidence of extortion as a means of garnering value from attacked companies. Extortion can take a number of different forms, from ransomware and denial of service attacks to the divulging of details, whether personal or professional. Blackmail, remains a relatively insidious crime, in so far as those affected tend to not wish to disclose that they have been affected.

The problem persists across all regions, although Asia, Latin America and APAC are the most heavily affected, at 35.1% 28.1% and 24.9% respectively. The Financial Services industry is the most heavily affected, with 45.8% of affected companies reporting extortion as the attack method, followed by Healthcare, at 23.7%, and Energy, at 23.3%.

Paul Jacobs, Global leader – cyber security at Grant Thornton, comments, “Whatever form cyber-attacks come in though, for businesses today it’s a question of when rather than if. Building cyber resilience must therefore be a company-wide priority. Yes, strengthening defences to prevent attacks occurring is vital. But it doesn’t end with pulling up the drawbridge. Firms which overlook being mobilised and ready to respond to attacks after they have occurred do so at their peril. That preparedness needs to be multifaceted, too. Simply guarding against one form of attack won’t cut it.”


More news on


Grant Thornton advises on deal for high-growth cloud hosting firm

08 April 2019

Grant Thornton’s North West Corporate Finance team has completed its first TMT deal of 2019. The professional services firm advised the shareholders of Hosted Desktop UK on their investment from specialist SME lender Beechbrook Capital.

Technological disruption and changing consumer behaviour have continued to affect top Technology, Media & Telecommunications (TMT) players in recent years. The industry has seen revenues border on stagnation over the past decade, at 0.4% annual growth since 2008. While the industry is keen to develop new digital services and models to meet market challenges, they face a range of barriers – meaning the recruiting of talent specialising in innovative software and technology has become a key goal for the industry.

Amid this, Hosted Desktop UK (HDUK) provides cloud computing services to small and medium sized businesses across the UK. The firm’s cloud solutions provide businesses with IT reliability, flexibility, value for money and business continuity. As the firm bids to grow in the UK, with demand for its disruptive technologies high, HDUK has secured a key investment from specialist SME lender Beechbrook Capital.

Grant Thornton advises on deal for high-growth cloud hosting firm

The transaction was Beechbrook Capital’s maiden deal from its latest UK SME credit fund, which supports small and medium-sized businesses in the UK with EBITDA of £1 million and above. Manchester law firms Pannone Corporate (sell-side advice, led by Mark Winthorpe) and DWF LLP (buy-side advice, led by Jonathan Robinson) also advised on the deal, while Grant Thornton’s North West Corporate Finance team advised HDUK’s shareholders.

The deal represents the Grant Thornton branch’s first TMT deal of 2019, with a team comprised of Partner and Head of Corporate Finance Peter Terry, Manager Daniel Brecker and Assistant Manager Cariad Mudford advising HDUK shareholders on the investment. It is the third key deal in the TMT sector that the GT North team has advised on in the last 18 months, following the £16.5 million sale of Salford-based Sonassi to Iomart in December 2017 and NorthEdge Capital’s investment in Yorkshire company iPortalis in August 2018.

Grant Thornton’s Peter Terry said of the news, “As our domestic and working lives become ever-more technology dependent, it’s no surprise that there continues to be strong investor interest in any asset in the cloud computing, data infrastructure and connectivity space… We were pleased to work with Beechbrook Capital on the first deal in its new fund. It shows that despite the well-documented uncertainties in the economy there are still good funding options for dynamic SMEs and their management teams.”