Cybercrime is making a significant impact on economies around the world. So says a new McAfee-sponsored report from the Center for Strategic and International Studies (CSIS).
Dubbed “Net Losses -- Estimating the Global Cost of Cybercrime,” the report offers a stunning takeaway: Cybercrime costs businesses worldwide about $400 billion. That translates to a loss of about 200,000 jobs in the U.S. and 150,000 jobs in the European Union.
The report points to studies that estimate the Internet economy, a share of the global economy that is expected to grow rapidly, generates between $2 trillion and $3 trillion annually. All told, CSIS estimates conclude that cybercrime extracts between 15 percent and 20 percent of the value created by the Internet.
“Cybercrime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors,” said Jim Lewis, senior fellow and director of the Strategic Technologies Program at CSIS. “For developed countries, cybercrime has serious implications for employment. The effect of cybercrime is to shift employment away from jobs that create the most value. Even small changes in GDP can affect employment.”
From Corporate to Personal
Also damaging is cybercrime’s effect intellectual property (IP). Countries where IP creation and IP-intensive industries are important for wealth creation lose more in trade, jobs and income from cybercrime than countries depending more on agriculture or industries of low-level manufacturing, the report reveals.
According to the research, the U.S. notified 3,000 companies in 2013 that they had been hacked. Retailers emerged as favorite targets for hackers. In the U.K., retailers reportedly lost more than $850 million to hackers. Meanwhile, Australian officials said large scale attacks have hit the airline industry, hotel chains and financial services companies, costing those sectors about $100 million.
Turning to the realm of “personal information,” the report discovered breaches could reach $160 billion. Forty million people in the U.S. -- that’s about 15 percent of the population -- have had their personal information stolen by hackers.
Difficult To Measure
We caught up with James Lyne, Global Head of Security Research at Sophos, to get his thoughts on the report. He said his attitude has been it's incredibly hard to size the overall level of fraud and many have tried to offer methodologies to estimate it -- many of which have been subsequently lambasted by industry or media.
“Frankly, the important thing is that it is a figure in the billions of dollars -- it matters. The anecdotes paint the picture of the tip of the iceberg but over time I've grown to ignore specific figure claims. It is big enough and concerning enough, quite evidently,” he said. "Lastly, cybercrime increasingly has social harm factors, such as with abuse of web cams or handling of inappropriate content. We all know we need to care, so let's get on with tackling the issue.”
Keeping Information Safe
Part of the losses from cybercrime are directly connected to what experts call “recovery costs,” or the digital and electronic clean up that takes place after an attack . Although criminals will not be able to monetize all the information they steal, the report reveals their victims still have to spend time and money as if they could.
Scott Montgomery, Chief Technology Officer for McAfee’s Public Sector practice, said it’s clear that there’s a real tangible economic impact associated with stopping cybercrime.
“Over the years, cybercrime has become a growth industry, but that can be changed, with greater collaboration between nations, and improved public/private partnerships,” he said. “The technology exists to keep financial information and intellectual property safe, and when we do so, we create opportunities for positive economic growth and job creation worldwide.”