Most people paying attention would expect that the cost of cybercrime has gone up in recent years. But a new report has put a number on it: Worldwide cybercrime costs an estimated $600 billion USD a year.
That’s up from $500 billion USD in 2014, the last time security vendor McAfee and think tank the Center for Strategic and International Studies released a similar study. The new estimate amounts to 0.8 percent of global GDP, up from 0.7 percent in 2014.
“Cybercrime is relentless, undiminished, and unlikely to stop,” writes report author James Lewis, senior vice president at CSIS. “It is just too easy and too rewarding, and the chances of being caught and punished are perceived as being too low.”
Lewis points to poorly-protected IoT devices as a particular problem. Insecure IoT devices “provide new, easy approaches to steal personal information or gain access to valuable data or networks,” he writes. They also power botnets that can create massive denial-of-service attacks.
Among the other reasons for the growth in the cost of cybercrime:
- Cybercriminals are embracing new attack technologies.
- Many new Internet users come from countries with weak cybersecurity.
- Online crime is becoming easier through cybercrime-as-a-service and other business schemes.
- Cybercriminals are becoming more financially sophisticated, making it easier to monetize their exploits.
Lewis also suggests that the Tor anonymous browser and Bitcoin are favorite tools of cybercriminals.
“Bitcoin has long been the favored currency for darknet marketplaces, with cybercriminals taking advantage of its pseudonymous nature and decentralized organization to conduct illicit transactions, demand payments from victims, and launder the proceeds from their crimes,” he writes. “Cybercriminals benefit from the fact that no personally identifying information is linked to the use and exchange of Bitcoin, allowing criminals to operate with near impunity.”
Tor developers have defended their project by saying it protects users’ privacy by shielding them from corporate tracking and government surveillance. And Bitcoin defenders say the cryptocurrency’s anonymous transactions help improve security.
The report estimates that computer and Internet users face 80 billion malicious scans each day. There are 33,000 phishing attacks and 4,000 ransomware daily, with about 780,000 records lost to hacking.
The report proposes several steps to reduce cybercrime, although security researchers have been pushing several of the recommendations for years.
Among the proposals:
- Uniform implementation of basic security measures like regular software updates and patches.
- Increased international law enforcement cooperation.
- Tougher cybersecurity laws in several countries.
- Penalties for nations that harbor cybercriminals.
“Without these kinds of action, cybercrime will continue to grow as the number of connected devices grows and as the value of online activities increases,” Lewis writes.
Read The Lazy Person’s Guide to Better Online Privacy to learn how you can take steps to increase your privacy and secure your devices.
Explore the 2017 Global Internet Report: Paths to Our Digital Future to see how cyber threats might impact the Internet’s future, then read interviews with Cyrating and Niel Harper for their perspectives on cybersecurity.