Cybercrime damages expected to cost the world $6 trillion by 2021

Massive expansion of the global cyber attack surface will fuel the cybercrime epidemic

160303 d sk590 072
Secretary of Defense Ash Carter receives a tour of the Microsoft Cybercrime Center in Seattle, March 3, 2016. Credit: Tim D. Godbee/DOD

Cybercrime will continue its stratospheric growth over the next five years, according to a recent report published by Cybersecurity Ventures. (Disclaimer: Steve Morgan is the Founder and CEO at Cybersecurity Ventures.)

While there are numerous contributors to the rise in cybercrime -- which is expected to cost the world more than $6 trillion by 2021, up from $3 trillion in 2015 -- the most obvious predictor is a massive expansion of the global attack surface which hackers target.

Data remains the primary hacker target. Microsoft predicts by 2020 data volumes online will be 50 times greater than today. There are 111 billion lines of new software code being produced each year — which will include billions of vulnerabilities that can be exploited, according to research conducted by Secure Decisions.

Some media estimates peg the number of internet of things (IoT) devices to exceed 200 billion by 2020.

In a report last year, ABI forecasted that more than 20 million connected cars will ship with built-in software-based security technology by 2020 — and Spanish telecom provider Telefonica states by 2020, 90 percent of cars will be online, compared with just 2 percent in 2012.

The $6 trillion estimate of costs related to cybercrime damages by 2021 is based on historical cybercrime figures including recent year-over-year growth, a dramatic increase in hostile nation state sponsored and organized crime gang hacking activities, a cyber attack surface which will be an order of magnitude greater than it is today, and the cyber defenses expected to be pitted against hackers and cybercriminals over that time.

The cybercrime cost prediction includes damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.

Is it possible the estimate could be off? It may actually be understated. The worldwide cyber damage estimates do not include unreported cybercrimes, legal and public relations fees, declines in stock and public company valuations directly and indirectly related to security breaches, negative impact on post-hack ability to raise capital for start-ups, interruptions to e-commerce and other digital business transactions, loss of competitive advantage, departure of staff and recruiting replacement employees in connection with cyber-attacks and resulting losses, ongoing investigations to trace stolen data and money, and other.

Cyber threats have evolved from targeting and harming computers, networks, and smartphones — to humans, cars, railways, planes, power grids and anything with a heartbeat or an electronic pulse. As the planet morphs into a digital global society of interconnected people, places, and things, there's a whole lotta cyber that needs to be defended.

To comment on this article and other CSO content, visit our Facebook page or our Twitter stream.
Insider: Hacking the elections: myths and realities
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.