How Cybercrime Became a $1 Trillion Problem

Although the saying “crime doesn’t pay” may have some truth to it, a new report shows that cybercrime does in fact pay—and the numbers are only going up.

Monetary losses from cybercrime are estimated to reach $945 billion in 2020, up from $522 billion in 2018 and $300 billion in 2013, according to a study released last week by The Center for Strategic and International Studies, a nonprofit research organization that focuses on national security issues, and the cybersecurity firm McAfee. Add to that the approximately $145 billion in global spending on cybersecurity this year and a picture emerges of cybercrime having an impact of more than $1 trillion on the world economy, according to the report.

McAfee Chief Technology Officer Steve Grobman says there are two big factors that help explain the increasing cost of cybercrime: the rapid embrace of new technology, and the growing severity of certain cyberattacks.

In recent years, enterprises of all shapes and sizes have embraced cloud computing, mobile devices and—especially over the last year—a variety of tools that allow employees to work remotely, which can expand an organization’s attack surface. For example, Gartner estimates that the market for public cloud services will grow 17% in 2020, to about $266 billion. In 2022, the research firm forecasts that the market will hit revenues of about $355 billion. Many of the firms embracing these new technologies aren’t particularly savvy when it comes to IT—manufacturing and shipping companies, for example, might be rapidly expanding their attack surface without investing in cybersecurity and tweaking their defense plans, Grobman said.

Additionally, cybercriminals in many ways can cause more damage—and make more money—with cyberattacks then they have in the past. Ransomware demands are doubling about every six months, according to a recent study. Just a few years ago, cybercriminals could only hope to extract a few hundred dollars with every ransomware attack they launched. In the second quarter of 2020, the average demand reached a whopping $178,000, as hackers embraced cryptocurrency payments, launched attacks that maximize damage, performed extensive reconnaissance before infecting devices, and targeted their attacks on organizations that can afford big payouts.

The damage directly caused by these attacks is only one part of the headache, said Grobman. Since hackers are trying to maximize damage with their attacks, organizations have to spend more time and money investigating and cleaning up after incidents.

“The challenge for the defender is if you think there’s a cybercriminal that has access to your environment, you can’t simply remediate the one machine or system that has been impacted—the attacker could have implanted malware on multiple machines simultaneously,” he said. “It’s not easy to recover from these incidents, because you need a high level of confidence before you’re able to close it out.” 

A potential third factor is that the global ecosystem for cybercrime has devolved to a point where it is ignored or even encouraged in some countries, according to Grobman. For example, cybersecurity experts have highlighted in recent years how North Korea uses cyberattacks as a source of income, while Russia allows certain cybercriminals to operate as long as they collaborate with the government or target organizations that go along with the country’s political interests.