New Report Suggests the Cost of Cybercrime is Nearly Unknowable
In this era of Big Data, it seems we can measure almost everything—just not the financial and other losses from the criminal use of computers and networks.
A new report basically says figuring out the cost of cybercrime and espionage is nearly impossible. It says U.S. losses might be as low as $20 billion or as high as $140 billion. “A very crude extrapolation would be to take this ($20 billion to $140 billion) range for the U.S., which accounts for a little more than a fifth of global economic activity, and come up with a range of $100 billion to $500 billion for global losses,” says the report, by the security company McAfee and a Washington think-tank, the Center for Strategic and International Studies. But that range is essentially a wild guess.
Still, these numbers are down considerably from the upper estimate of a $1 trillion global impact cited by President Obama in a 2009 cybersecurity speech. (The $1 trillion figure was later attributed to a press release about an earlier report by McAfee. So much for White House speechwriters.)
Why is estimating damages so hard? Because it’s hard to detect attacks in the first place (see “Preparing for Cyberwar Without a Map”), the attacks come in myriad guises (see “Moore’s Outlaws”), companies are reluctant to disclose what’s happened to them, it’s difficult to value thefts that don’t involve stealing money, and surveys can be inaccurate.
The report asserts that the theft of intellectual property may be the most worrisome—and that more studies are on the way on this point. But even the people searching for better data say they won’t insist on getting it. There can be downsides to companies disclosing how they were attacked and what was stolen, said James Lewis, director of the technology and public policy at CSIS. “I’d rather have a company retain value than be damaged because I got better data,” he said.
So don’t expect much more clarity in the future.
Keep Reading
Most Popular
Large language models can do jaw-dropping things. But nobody knows exactly why.
And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.
How scientists traced a mysterious covid case back to six toilets
When wastewater surveillance turns into a hunt for a single infected individual, the ethics get tricky.
The problem with plug-in hybrids? Their drivers.
Plug-in hybrids are often sold as a transition to EVs, but new data from Europe shows we’re still underestimating the emissions they produce.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.