Financial Blog Corliss Group Cybercrime Could Cost Global Economy Over $500 Billion

McAfee report paints grim picture of lucrative industry, despite incomplete data.

Cybercrime could be costing the global economy as much as $575 billion annually, according to a new report from McAfee.

The Intel-owned security company based its estimate on a range of sources, from government agencies to NGOs and academic institutions, counting both direct and indirect costs.

The report, Estimating the Global Cost of Cybercrime explained the methodology as follows:

“This study assumes that the cost of cybercrime is a constant share of national income, adjusted for levels of development. We calculated the likely global cost by looking at publically available data from individual countries, buttressed by interviews with government officials and experts. We looked for confirming evidence for these numbers by looking at data on IP theft, fraud, or recovery costs. In addition to a mass of anecdotes, we ultimately found aggregate data for 51 countries in all regions of the world who account for 80% of global income. We used this data to estimate the global cost, adjusting for differences among regions.”

However, the vendor cautioned that “differences in the thoroughness of national accounting”, as well as underreporting of incidents and the difficulty of valuing IP all make calculations an imprecise art.

High income countries lost more as a percentage of GDP, which could be because they have better accounting systems in place and/or that their IP is more valuable and therefore a bigger target for criminals.

The $575bn figure therefore comes from extrapolating a global total from high loss countries. It could be as low as $375bn if McAfee had extrapolated from “all countries where we could find open source data”.

On the other hand, the figure would be $445bn if the firm aggregated costs as a share of regional incomes, it said.

Whatever the final figure, it’s clear that richer countries in Europe, North America and Asia lost the most, because they are bigger targets and provide a better return on investment for the hacker. For example, G20 countries are said to have lost $200bn to cybercrime.

The UK, at 0.16%, had one of the lowest losses to cybercrime as a percentage of GDP, while the US (0.64%), came just ahead of China (0.63%) but trailed the most affected G20 nation: Germany (1.6%).

McAfee warned that as more businesses and consumers move online and more devices connect to the internet of things, cybercrime will continue to grow. IP theft, a “tax on innovation” will also increase as those countries which acquire it become more adept at building a competitive advantage.

Aside from calling for improvements to technology and defences, the report urged governments to work harder on creating best practice cybersecurity standards and cross-border law enforcement agreements.

It added that they must do a better job on accounting for cybercrime losses to provide a more comprehensive picture on where deficiencies lie.

For the record, McAfee's report last year estimated cybercrime losses of $100-500bn annually.