The Economic Implications of Cybercrime
Cybercrime emerged relatively recently - in the 1970s, and these crimes continue to escalate today. Cybercrime has evolved from telephone “Phreakers” circumventing payment for phone calls in the 1970s to high-profile attacks against governments and large corporations today. This form of online crime poses a complex challenge to law enforcement, as it is extremely difficult to detect the crime and identify the criminals: hackers. Furthermore, this contemporary issue has limited resources that can be used to combat it; laws take time to pass, and new law enforcement procedures are slow to integrate. Even if law enforcement can identify that a crime took place, jurisdictional boundaries prevent apprehension of the criminal. Cybercrime costs the global economy $7 trillion annually (EIN News, 2022), and this number is growing. In 2021, the entire UC school system was a target of an Accellion cyber attack, leading to a large-scale data breach. Hundreds of thousands of students and faculty had their social security numbers and bank account information compromised. This is where the market for cybersecurity comes into play. Cybercrime prevention is much more efficient than cybercrime punishment. Cybercrime is a prominent issue facing the world economy, with high incentives for hackers, the prevention of cybercrimes through specialization in the legal system is of high priority. Implementation of prevention policies, such as specialized task forces, would be incredibly effective to lower the rate of cybercrime.
A cybercrime is defined as a crime that uses a computer network during any phase of said crime. Examples include online fraud, money laundering, infrastructure attacks, use of computers to further traditional crime, and cyber-based extortions. Cybercrimes are unique for three reasons. Firstly, as compared to traditional crimes, they are inherently technologically intensive and thus, skill intensive. Secondly, cybercrimes are easily scaled, and can become global threats due to their remote nature. Lastly, this form of crime is relatively new, thus law enforcement is inexperienced in addressing them and often lacks manpower to tackle them. The nature of cybercrimes make enforcement of the law very difficult; procedural and jurisdictional issues result in the majority of cybercrimes unaddressed. The increased success in cybercrimes by cybercriminals has encouraged the cybercriminal community to grow. Since people can easily
stay anonymous on the internet, many international hackers don’t have to try very hard to conceal their digital aliases. Furthermore, organized cyber criminals often invest their illegally obtained income into new technologies that can globalize their operations. With law enforcement lagging behind these innovations, cybercrime is in a vicious cycle that has further expanded the range of damage.
Cybercrime is highly lucrative and minimally risky. In comparison to an old-fashioned bank heist, a digital bank heist has a much lower risk of legal repercussions due to the protection of screens and VPNs, making it a much more attractive method to those who know how to manipulate digital systems. We can use economic theory to further evaluate the incentives for cybercrime. Using cost-benefit analysis, we can conclude that a cybercrime occurs if the monetary gain of the crime is greater than the monetary opportunity cost of conviction, taking into account the probabilities of said conviction. There is a large monetary benefit to cybercrimes, with financial institutions being targeted by at least 60% of hackers (IEEE, 2006). Financial gain can come from extortion, ransomware attacks, stealing and selling sensitive information, or getting paid large ransoms for unblocking encrypted data. Furthermore, most companies comply with cybercriminal demands to pay ransom instead of waiting around for law enforcement to get involved. Paying the ransom fixes operational disruptions caused by hackers much quicker than reporting the crime to law enforcement. Especially at large firms, operational disruptions cost more than ransom demanded. With large returns, fiscal incentives for cybercriminals are high.
Cost-benefit analysis exemplifies the financial incentives for cybercrime. The monetary opportunity cost of conviction is the income the criminal would forego during incarceration. For example, if a hacker was making $50,000 yearly off cybercrime, a three year jail sentence would cost the hacker $150,000. The probability of arrest and conviction are also extremely low for cybercrimes due to the difficulty of identifying the criminal and proving guilt beyond a reasonable doubt. Let’s say a cybercriminal makes $50,000 yearly from cybercrime, and let’s assume that the probability of them being arrested and convicted is 0.3% (IEEE, 2006). We can see that the benefit of cyber crime is $50,000, while the cost of committing cybercrime is $450, which is found by multiplying the $150,000 opportunity by the chance of capture (0.3%). It is
clear that $50,000 > $450; the benefits greatly outweigh the costs of performing cybercrime. The majority of cases follow this same logic where the benefit of committing a cybercrime outweighs the costs, which explains cybercrime’s rampant nature.
With cybercrime continuing to expand and global losses increasing, the fight against cybercrime is a losing one. The best way to protect against cybercrime is through cybersecurity. The cybersecurity market offers protection for systems, networks, and programs from digital attacks in many realms. Cybersecurity comes in many forms such as firewalls. Firewalls are softwares or hardware programs that filter out data trying to enter your computer or network. A firewall scans packets for known malicious code or attack vectors. In the event that a data packet is flagged as a security risk, the firewall prevents it from entering the network or reaching your computer. The cybersecurity market was valued at USD 139.77 billion in 2021 and the market is projected to grow to USD 376.32 billion by 2029 (Fortune Business Insights, 2022). Almost all firms nowadays have large budgets for cybersecurity spending; Morgan Stanley is now allocating four billion dollars annually to IT and cybersecurity (CIO Dive, 2018). Not only does this market provide more jobs and contribute to the global GDP, but it also improves economic growth. With the current growth of digitization of global enterprises prompted by the adoption of developing technologies, the importance of data security has increased across industries. The adoption of digitization is highly correlated with economic development due to increased technological efficiencies implemented across sectors. Cybersecurity is greatly important in ensuring secure connections for global enterprises and all end users.This also helps secure the stability and well being of the global economy.
With companies shelling out billions of dollars on cybersecurity measures, these costs are trickling down to consumers. Companies may incur a range of outlays including: cybersecurity technology and expertise, notifying affected parties of a breach, insurance premiums, public relations support, and lawyers. This large investment into cybersecurity is tightening margins at firms. Consumers are becoming the bearer of these costs as product prices are hiked (Investopedia, 2022). Increased prices lower consumer purchasing power leading to fewer transactions and overall lower consumption. The ramifications from cybersecurity investment are still two fold. As discussed previously, we see the production side impact of increased consumer
prices. On the other hand, we see the consumer side effect through changes in consumer behavior. Consumer trust is highly affected in cases where their own information is at stake. Recent figures have shown that 45% of American consumers have scaled back on online shopping due to security and privacy fears (Forbes, 2016). We can draw a clear conclusion that a decrease in consumption linked to cybercrime negatively impacts the global economy.
Despite the contemporary nature of cybercrime, its impact on the global economy is prominent. With limited legal capability to control cyber criminals and high financial rewards for cybercrime, cybercrime is rampant and increasing. In attempts to prevent cyberattacks, the market of cybersecurity is booming. Even with these measures in place, 600 billion dollars (which is one percent of global GDP) is lost to cybercrime every year (CSIS, 2018). The large costs of trying to prevent cybercrime is negatively affecting consumer behavior and overall consumption. It is clear the negative impact cybercrime has on the global economy. Cybersecurity is the first step to prevention, and must be adopted at a high level to be effective. The cost of cybercrime to consumers outweighs the cost of cybersecurity investment. We must also place emphasis on new policies to increase law enforcement efficiency in catching and apprehending cybercriminals. This requires higher budgets for specialized cybercrime teams, global collaboration to reduce jurisdictional boundaries, and improved legal codes to properly penalize cyber crimes. Cybercrime is a complex problem, and must be met with varied solutions.
CSIS. “Economic Impact of Cybercrime.” Economic Impact of Cybercrime | Center for Strategic and International Studies, 27 Oct. 2022.
Farber, Malcomb. “Cybercrime Damages to Cost the World $7 Trillion USD in 2022.” EIN News, EIN Presswire, 10 Aug. 2022.
Fortune Business Insights. “Cyber Security Market Overview by Size, Growth & Trends, 2029.” Fortune Business Insights, 2022.
Freeze, Di. “The History of Cybercrime and Cybersecurity, 1940-2020.” Cybercrime Magazine, 5 Dec. 2020.
Kshetri, Nir. (2006). The simple economics of cybercrimes. Security & Privacy, IEEE. 4. 33 - 39. 10.1109/MSP.2006.27.
Olenski, Steve. “The Effect of Cyber Crime on Online Shopping.” Forbes, Forbes Magazine, 4 Aug. 2016.
Schwartz, Samantha. “Morgan Stanley Dwarfs Average Businesses with $4B Annual It Budget.” CIO Dive, 13 June 2018.
The Investopedia. “6 Ways Cybercrime Impacts Business.” Investopedia, Investopedia, 13 July 2022.