Cybercrime costs the global economy between a whopping $100 billion and $500 billion annually, according to a first-of-its-kind report quantifying the economic impact of malicious cyber activity.
The research by the security firm McAfee and the Center for Strategic and International Studies (CSIS) also posts a $100 billion annual loss to the US economy and as many as 508,000 US jobs lost as a result of cyber crime.
To help measure the real loss from cyber attacks, CSIS enlisted economists, intellectual property experts and security researchers to develop the report.
More From This Section
Researchers used real-world analogies like figures for car crashes, piracy, pilferage, and crime and drugs to build out the model.
They noted the difficulty of relying on methods such as surveys because companies that reveal their cyber losses often cannot estimate what has been taken, intellectual property losses are difficult to quantify and the self-selection process of surveys can distort the results.
For purposes of the research, CSIS classified malicious cyber activity into six areas: Loss of intellectual property, cybercrime, loss of sensitive business information, opportunity costs, additional cost of securing networks, insurance and recovery from cyber attacks, and reputational damage to the hacked company.
"We believe the CSIS report is the first to use actual economic modelling to build out the figures for the losses attributable to malicious cyber activity," said Mike Fey, executive vice president at McAfee.
"This report is also the first to connect malicious cyber activity with job loss," said James Lewis, co-author of the report.
Researchers acknowledged more data is needed for precise estimates.
"Using figures from the Commerce Department on the ratio of exports to US jobs, we arrived at a high-end estimate of 508,000 US jobs potentially lost from cyber espionage. As with other estimates in the report, however, the raw numbers might tell just part of the story," Lewis said.