Cybercrime has a significant impact on economies worldwide. A new report from the Center for Strategic and International Studies (CSIS) concludes that cybercrime costs businesses approximately $445 billion worldwide (approximately £266 billion), with an impact on approximately 150,000 jobs in the EU and 200,000 jobs in the U.S.
The most important cost of cybercrime comes from its damage to company performance and to national economies. Cybercrime damages trade, competitiveness, innovation, and global economic growth. Studies estimate that the internet economy annually generates between $2 trillion and $3 trillion, a share of the global economy that is expected to grow rapidly. Based on CSIS analysis, cybercrime extracts between 15% and 20% of the value created by the internet.
Cybercrime’s effect on intellectual property (IP) is particularly damaging, and countries where IP creation and IP-intensive industries are important for wealth creation lose more in trade, jobs and income from cybercrime than countries depending more on agriculture or industries of low-level manufacturing, the report found. Accordingly, high-income countries lost more as a per cent of GDP than low-income countries – perhaps as much as 0.9 per cent on average.
“Cybercrime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors,” said Jim Lewis of CSIS. “For developed countries, cybercrime has serious implications for employment. The effect of cybercrime is to shift employment away from jobs that create the most value. Even small changes in GDP can affect employment.”
Economic impact on both businesses and consumers
CSIS researchers found that in the U.K., retailers reportedly lost more than $850 million to hackers. The United States notified 3,000 companies in 2013 that they had been hacked, with retailers leading as a favourite target for hackers. Australian officials reported that large scale attacks have occurred against an airline, hotel chains and financial services companies, costing an estimated $100 million. With proper protections in place, these losses could be avoided.
The report found that global losses connected to “personal information” breaches could reach $160 billion. Forty million people in the U.S., roughly 15 per cent of the population, have had their personal information stolen by hackers. The study tracked high-profile breaches around the world with 54 million in Turkey, 20 million in Korea, 16 million in Germany and more than 20 million in China, having their personal information stolen in the last year.
Part of the losses from cybercrime are directly connected to what experts call “recovery costs,” or the digital and electronic clean-up that must occur after an attack has taken place. The McAfee-CSIS report discovered that while criminals will not be able to monetise all the information they steal, their victims must spend significant resources as if they could.
In Italy, for example, actual hacking losses totaled $875 million, but the recovery, or clean-up costs, reached $8.5 billion. In other words, there can be a tenfold increase between the actual losses directly attributed to hackers and the recovery companies must implement in the aftermath of those attacks.
Turning from losses to potential economic gains
Governments are beginning serious, systematic efforts to collect and publish data on cybercrime to help countries and companies make better choices about risk and policy. Improved international collaboration, as well as public/private partnerships are also beginning to show tangible results in terms of reducing cybercrime. Last week, 11 nations announced the takedown of a crime ring associated with the GameOver Zeus botnet.
“It is clear that cybercrime has a real and detrimental impact on the global economy. Over time, cybercrime has become a growth industry; the returns are great, and the risks are low,” said Raj Samani, EMEA Chief Technology Officer for McAfee. “However this situation is not irreparable as stronger technology defences, greater collaboration between nations, and improved public private partnerships could prevent and reduce the loss from cybercrime.
“Making progress on these changes will require governments and businesses to work together to create a stronger method for reporting and measuring the economic impact cybercrime has in order to effectively assess risk and take appropriate action. As more businesses move online and more consumers connect to the internet, the opportunities for cybercrime will only grow, making it imperative that countries work together now to proactively tackle cybercrime,” concluded Samani.