A new report from the Center for Strategic and International Studies (CSIS) estimates that cybercrime costs businesses some $400 billion a year worldwide.
Four countries – China, Japan, Germany and the United States – account for $200 billion of those losses. For the U.S. and Europe, the losses translate to 200,000 jobs and 150,000 jobs, respectively. These numbers do not represent a net loss of jobs as some of the workers displaced find other employment.
“For developed countries, cybercrime has serious implications for employment,” the report states. “The effect of cybercrime is to shift employment away from jobs that create the most value. Even small changes in GDP can affect employment.”
The report (PDF), which was sponsored by Intel’s McAfee security division, notes that cybercrime damages trade, competitiveness and economic. This is particularly true in regards to intellectual property. According to the report, high-income countries lost more as a percent of GDP than low-income countries – perhaps as much as 0.9 percent on average. Based on CSIS estimates, cybercrime takes as much as 15 percent to 20 percent of the value created by the Internet.
Allegations of economic espionage in cyberspace has been one of the main issues between the United States and China for several years. Recently, it came to a head when the U.S. indicted members of the Chinese military for hacking U.S. companies. Though China denied the charges, FBI Director James B. Comey accused the Chinese government of using cyber-espionage as a means to give an advantage to industries it controls.
“Cybercrime is a tax on innovation and slows the pace of global innovation by reducing the rate of return to innovators and investors,” said Jim Lewis, senior fellow and director of the Strategic Technologies Program at CSIS, in a statement. “For developed countries, cybercrime has serious implications for employment. The effect of cybercrime is to shift employment away from jobs that create the most value. Even small changes in GDP can affect employment.”
CSIS estimates that the United States notified 3,000 companies in 2013 that they had been hacked. The favorite target of cybercriminals was the retail industry.
“Putting a number on the cost of cybercrime and cyber-espionage is the headline, but the dollar figure begs important questions about the damage to the victims from the cumulative effect of losses in cyberspace,” according to the report. “The cost of cybercrime includes the effect of hundreds of millions of people having their personal information stolen—incidents in the last year include more than 40 million people in the US, 54 million in Turkey, 20 million in Korea, 16 million in Germany, and more than 20 million in China.”
“One estimate puts the total at more than 800 million individual records in 2013,” the report states. “This alone could cost as much as $160 billion per year. Criminals still have difficulty turning stolen data into financial gain, but the constant stream of news contributes to a growing sense that cybercrime is out of control.”
“It’s clear that there’s a real tangible economic impact associated with stopping cybercrime,” said Scott Montgomery, chief technology officer of the public sector at McAfee, in a statement. “Over the years, cybercrime has become a growth industry, but that can be changed, with greater collaboration between nations, and improved public/private partnerships. The technology exists to keep financial information and intellectual property safe, and when we do so, we create opportunities for positive economic growth and job creation worldwide.”