Cybercrime to cost the world $10.5 trillion annually by 2025.
If it were measured as a country, then cybercrime — which inflicted damages totaling 6 trillion USD globally in 2021 — would be the world’s third-largest economy after the U.S. and China.
According to Cybersecurity Ventures, global cybercrime costs are expected to grow by 15% per year over the next 5 years, reaching 10.5 trillion USD annually by 2025, up from 3 trillion USD in 2015.
This demonstrates the greatest transfer of economic wealth in history. This risks the incentives for innovation and investment. Furthermore, this is crucially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined.
The damage cost estimation is based on historical cybercrime figures including recent year-over-year growth.
Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.
The United States, the world’s largest economy with a nominal GDP of nearly 21.5 trillion USD, constitutes one-fourth of the world economy, according to data from Nasdaq.
Cybercrime has hit the U.S. so hard that in 2018 a supervisory special agent with the FBI who investigates cyber intrusions told The Wall Street Journal that every American citizen should expect that all of their data (personally identifiable information) has been stolen and is on the dark web — a part of the deep web — which is intentionally hidden and used to conceal and promote heinous activities. Some estimates put the size of the deep web (which is not indexed or accessible by search engines) at as much as 5,000 times larger than the surface web, and growing at a rate that defies quantification.
The dark web is also where cybercriminals buy and sell malware, exploit kits, and cyberattack services, which they use to strike victims — including businesses, governments, utilities, and essential service providers.
A cyberattack could potentially disable the economy of a city, state or our entire country.
Billionaire businessman and philanthropist Warren Buffet calls cybercrime the number one problem with mankind, and cyberattacks a bigger threat to humanity than nuclear weapons.
Organized cybercrime entities are joining forces, and their likelihood of detection and prosecution is estimated to be as low as 0.05% in the U.S., according to the World Economic Forum’s 2020 Global Risk Report.
Ransomware — a malware that infects computers (and mobile devices) and restricts their access to files, often threatening permanent data destruction unless a ransom is paid — has reached epidemic proportions globally and is the “go-to method of attack” for cybercriminals.
Some estimates predict the annual, global cost of ransomware attacks will reach 265 billion USD by 2031.
If that’s not scary enough, here are a few more ransomware facts to consider:
In 2021, there was a ransomware attack every 11 seconds — this will increase to every two seconds by 2031.
Only 43% of businesses that suffer a ransomware attack can recover their data.
You might be thinking, “not my business, I’m not a big enough fish,” but you couldn’t be more wrong. In the past 18 months, 60% of all midsize organizations were targets of ransomware attacks, and close to a quarter of those businesses wound up spending an average of 250,000 USD to fully recover from it.
Ransomware, now the fastest growing and one of the most damaging types of cybercrime, will ultimately convince senior executives to take the cyber threat more seriously, according to Mark Montgomery, executive director at the U.S. Cyberspace Solarium Commission (CSC).
CYBERSECURITY BEGINS AT THE TOP.
Someone should be in the boardroom who will wave the red flag and get everyone else paying attention to the severity of cyber risks. Attention is the number one priority, not bringing in a new CISO — instead empower the CISO that you have.
The value of a business depends largely on how well it guards its data, the strength of its cybersecurity, and its level of cyber resilience.
Source: Cybersecurity Ventures