Skip to Content

New Report Suggests the Cost of Cybercrime is Nearly Unknowable

A new report gives a wide range for what cybercrime and espionage actually cost the United States and the world.
July 22, 2013

In this era of Big Data, it seems we can measure almost everything—just not the financial and other losses from the criminal use of computers and networks.

A new report basically says figuring out the cost of cybercrime and espionage is nearly impossible. It says U.S. losses might be as low as $20 billion or as high as $140 billion. “A very crude extrapolation would be to take this ($20 billion to $140 billion) range for the U.S., which accounts for a little more than a fifth of global economic activity, and come up with a range of $100 billion to $500 billion for global losses,” says the report, by the security company McAfee and a Washington think-tank, the Center for Strategic and International Studies. But that range is essentially a wild guess.

Still, these numbers are down considerably from the upper estimate of a $1 trillion global impact cited by President Obama in a 2009 cybersecurity speech. (The $1 trillion figure was later attributed to a press release about an earlier report by McAfee. So much for White House speechwriters.)  

Why is estimating damages so hard? Because it’s hard to detect attacks in the first place (see “Preparing for Cyberwar Without a Map”), the attacks come in myriad guises (see “Moore’s Outlaws”), companies are reluctant to disclose what’s happened to them, it’s difficult to value thefts that don’t involve stealing money, and surveys can be inaccurate.

The report asserts that the theft of intellectual property may be the most worrisome—and that more studies are on the way on this point. But even the people searching for better data say they won’t insist on getting it. There can be downsides to companies disclosing how they were attacked and what was stolen, said James Lewis, director of the technology and public policy at CSIS. “I’d rather have a company retain value than be damaged because I got better data,” he said.

So don’t expect much more clarity in the future.

Keep Reading

Most Popular

This startup wants to copy you into an embryo for organ harvesting

With plans to create realistic synthetic embryos, grown in jars, Renewal Bio is on a journey to the horizon of science and ethics.

VR is as good as psychedelics at helping people reach transcendence

On key metrics, a VR experience elicited a response indistinguishable from subjects who took medium doses of LSD or magic mushrooms.

This nanoparticle could be the key to a universal covid vaccine

Ending the covid pandemic might well require a vaccine that protects against any new strains. Researchers may have found a strategy that will work.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.