By Mikaprok for SouthFront
The data is new oil.
Well, we live in a period of fluctuating energy prices … which is caused by sales growth.
The sales of data is a big business, unlike drugs, completely hidden from the outsider’s eyes of the business, whose volumes can only be estimated approximately.
And they are impressive.
Let’s try to designate its borders.
To begin with, what can be attributed to the data?
Here is the list of main commercially applicable varieties:
1) user identification information;
2) personal data (passport, Id, etc.);
3) information on education and qualifications;
4) financial information relating to each individual person (banking, insurance, investment accounts);
5) medical profiles;
6) accounts of payment services (PayPal, WebMoney, etc ..);
7) other (this is socially significant information about the family, colleagues, contacts, etc.).
Only 25% of data leakage incidents are related to “hacking” activity, in 41% of cases it is social engineering or loss of the information carrier, and in 12% of cases – sale of data by insiders.
In 2014, according to the most optimistic statistics, about 1.02 billion records were compromised, in 2015 – about 700 million, in 2016-1.05 billion, and in 2017 because of WannaCry and comparable incidents, there may be 1.5 billion.
The most valuable category of data for the hacker is the victim’s health and social contacts. This information at a specialized market can be highly valued.
There is a misconception that e-businesses and commercial portals are often broken.
The government, which currently stores a large number of key citizens’ data (for example, property registers, kinship ties, etc.), statistically protects them in the worst possible way, and the largest number of people who trade personal data work in the relevant structures.
Over the past 5 years, the number of successful attacks on the public sector has doubled.
Let’s talk a little bit about the price tags in Darknet.
Login / password from mail every year becomes cheaper.
For example, if 7 years ago it could be sold for $ 15-17, now it costs a maximum of $ 1, and more often $ 0.5.
The full credit history is $ 23-25;
Passport data, ID, driver’s license, as scan – $ 7-30 depending on the novelty of the data;
PayPal, eBay, Amazon accounts can be sold for $ 300 (!);
Full bank statement of physical persons – $ 200-500, legal entity – from $ 600 and further, depending on coverage;
Medical profile with a full history – from $ 500 to $ 1000.
It is very simple to estimate the lower limit. Taking into account that ~ 60% of the data already exists in the network and sharply loses in value, we delete them for simplicity.
Accordingly, we can talk about 550 million new records annually. Even if you multiply this number by $ 1, you get a lot, and if $ 100 (taking into account the growing interest in expensive services from the list above)?
It turns out a modest $55-billion market (!).
I will add that 80% of insurance companies, banks, commercial clinics and telecoms somehow use the data acquired on the black market.