TORONTO – Cybercrime is a profitable industry.
According to a new report from the Center for Strategic and International Studies (CSIS), cybercrime costs the global economy almost US$445 billion per year, putting it in the ranks of drug trafficking in terms of economic harm.
The report, sponsored by software security firm McAfee, found that four of the largest economies in the world were the most affected by cybercrime.
Cybercrime is estimated to cost the U.S., Germany, China and Japan about US$200 billion per year combined.
The report breaks harm from cyber attacks into three categories – the largest being intellectual property theft, the second largest being financial crime and the last being theft of confidential business information.
Losses connected to personal information, such as credit cards, were among the largest categories, according to CSIS.
“Putting a number on the cost of cybercrime and cyberespionage is the headline, but the dollar figure begs important questions about the damage to the victims from the cumulative effect of losses in cyberspace,” read the report released Monday.
“The cost of cybercrime includes the effect of hundreds of millions of people having their personal information stolen.”
According to the report, by some estimates more than 800 million individual records were stolen in 2013, which would result in US$160 billion in losses on its own.
And 2014 has already been an eventful year for cybercrime and hacking scandals.
In April a flaw found in OpenSSL encryption technology dubbed the Heartbleed bug left millions of users worldwide open to hackers. Over 900 social insurance numbers were stolen from the Canada Revenue Agency as a result of the security bug.
In May, popular e-commerce site eBay was hacked, allowing attackers to compromise a database containing encrypted passwords and personal information for 145 million users.
The report calls on governments to start collecting and publishing data on cybercrime in order to help other countries and companies make better choices about risk and policy.
“Cybercrime costs are big, and they’re growing,” said Stewart A. Baker, a former Department of Homeland Security policy official and a co-author of the report.
“The more that governments understand what those costs are, the more likely they are to bring their laws and policies into line with preventing those sorts of losses.”
CSIS came up with a range of estimates for the report – from US$375 billion to US$575 billion in total losses – by comparing published data on cybercrime from governments around the world and through interviews with officials in 17 countries.
The report also factors in the cost of recovery from cyber attacks.
© Shaw Media, 2014