Cybercrime costs businesses approximately $445 billion worldwide, with an impact on approximately 200,000 jobs in the U.S. and 150,000 jobs in the EU, a new report said.
The most important cost of cybercrime comes from its damage to company performance and to national economies.
Cybercrime damages trade, competitiveness, innovation, and global economic growth, according to the report from the Center for Strategic and International Studies (CSIS). Studies estimate the Internet economy annually generates between $2 trillion and $3 trillion, a share of the global economy could grow rapidly. Based on CSIS analysis, cybercrime extracts between 15 percent and 20 percent of the value created by the Internet.
Cybercrime’s effect on intellectual property (IP) is particularly damaging, and countries where IP creation and IP-intensive industries are important for wealth creation lose more in trade, jobs and income from cybercrime than countries depending more on agriculture or industries of low-level manufacturing, the report found. Accordingly, high-income countries lost more as a percent of GDP than low-income countries – perhaps as much as 0.9 percent on average.
“Cybercrime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors,” said Jim Lewis of CSIS. “For developed countries, cybercrime has serious implications for employment. The effect of cybercrime is to shift employment away from jobs that create the most value. Even small changes in GDP can affect employment.”
CSIS researchers found in the U.K., retailers reportedly lost more than $850 million to hackers. The United States notified 3,000 companies in 2013 they suffered a hack, with retailers leading as a favorite target for hackers. Australian officials reported that large scale attacks have occurred against an airline, hotel chains and financial services companies, costing an estimated $100 million. With proper protections in place, companies could have avoided those losses.
The report found that global losses connected to “personal information” breaches could reach $160 billion. Forty million people in the U.S., roughly 15 percent of the population, have had their personal information stolen by hackers. The study tracked high-profile breaches around the world with 54 million in Turkey, 20 million in Korea, 16 million in Germany and more than 20 million in China, having their personal information stolen in the last year.
Part of the losses from cybercrime are directly connected to what experts call “recovery costs,” or the digital and electronic clean-up that must occur after an attack has taken place. The McAfee-CSIS report discovered that while criminals will not be able to monetize all the information they steal, their victims must spend significant resources as if they could.
In Italy, for example, actual hacking losses totaled $875 million, but the recovery, or clean-up costs, reached $8.5 billion. In other words, there can be a tenfold increase between the actual losses directly attributed to hackers and the recovery companies must implement in the aftermath of those attacks.
Governments are beginning serious, systematic efforts to collect and publish data on cybercrime to help countries and companies make better choices about risk and policy. Improved international collaboration, as well as public/private partnerships are also beginning to show tangible results in terms of reducing cybercrime. Last week, 11 nations announced the takedown of a crime ring associated with the GameOver Zeus botnet.
“It is clear that cybercrime has a real and detrimental impact on the global economy. Over time, cybercrime has become a growth industry; the returns are great, and the risks are low,” said Raj Samani, EMEA Chief Technology Officer for McAfee. “However this situation is not irreparable as stronger technology defenses, greater collaboration between nations, and improved public private partnerships could prevent and reduce the loss from cybercrime.”