Summary of Key Points
- Experts agree that “cybercrime” as we understand it today originated in the 1980s.
- Cybercrime has caused nearly $6 trillion in damages since the 1980s, and that figure is expected to reach $10.5 trillion by 2025
- Just about every business today has been directly impacted by cybercrime of some type
- Cybercrime has increased 300% since March 2020, with nearly 4.7 million instances reported in the USA in 2020 (compared with roughly 1.5 million in 2010).
- Organizations in the healthcare, financial, military/government, education, and energy sectors of G20 nations are most heavily targeted by cybercriminals.
Cybercrime is a scary word—but what’s scarier is how little most people actually know about it. The way cybercrime is carried out, the wide variety of businesses it often targets, and the cost those organizations face are often unknown or ignored by the people who stand to lose the most. Learning about these details matters. Doing so can motivate you to implement an effective cybersecurity strategy for your company and protect your critical data.
As a managed security services provider, we have a unique perspective on cybercrime. Below, we’ve put together an overview of cybercrime throughout the past two decades—how it’s evolved, who it impacts, and what it can cost them. Read on to learn about key cybercrime milestones so you can take steps to give yourself a defense against present and future threats.
How Has Cybercrime Changed Over the Past 20 Years?
There’s plenty of debate about when exactly cybercrime started, but most experts agree that it caught on in the late 1980s when email became a commonly-used technology. Many early cyber crimes involved using emails to send viruses or perpetrate scams—a trend that continues today in the form of phishing.
The 1990s saw the rise of internet browsers for personal computers (remember Netscape, anyone?). With this came the ability for cybercriminals to surreptitiously direct victims to pages where they’d unwittingly reveal personal information or download viruses—often via a technique called domain spoofing.
But the dawning of the social media age in the New Millennium created a brand new world for cybercriminals to exploit. Suddenly, people all over the world were willingly placing their personal information online, and often making it visible to the public. This low-hanging fruit fed a veritable army of identity thieves, who often used their ill-gotten but poorly-protected gains to gain access to bank accounts, credit cards, and more.
Today, cybercriminals tend to think bigger—although lone-wolf “hackers” still exist, posing a real threat to individuals and small businesses. However, when cybercrime makes the news these days, stories typically focus on well-organized groups of threat actors co-ordinating large-scale attacks against major corporations or governments.
That doesn’t mean small businesses or individual entrepreneurs can afford to relax, though—as successful large-scale cyber attacks tend to have a ripple effect, impacting people and businesses along supply chains that can stretch around the world. To get a sense of how widespread these effects are, we need to look at how the number of affected businesses has grown over the years.
How Many Businesses Are Affected by Cybercrime?
The truth is, any organization (and indeed, practically any person on the planet) can be vulnerable to the effects of a cyber attack. Even if you live off the grid in a tiny home deep in the woods, the reality is that you still probably rely on food, clothing, or equipment provided by a company that uses the internet. Disruptions to that company’s operations could leave you without basic necessities.
But for our purposes, we’ll limit this investigation to the direct victims of cybercrime—the businesses that have experienced a cyberattack firsthand. While it’s impossible to obtain exact figures, we can put together a reasonable idea based on the attacks that have been discovered and reported during the past two decades.
In the Last 5 Years
According to the FBI, reported cybercrime has gone up by 300% since the start of the COVID-19 pandemic alone. While certain forms of cybercrime (like ransomware) have actually decreased during this period, total cybercrimes are very much on the rise as both easier and more advanced methods have become increasingly common.
In the Last 10 Years
The Consumer Sentinel Network releases annual findings that contain details on cybercrime reports in the US. The total number of reports in 2010 was 1,470,306, which jumped to 4,720,743 by 2020—over 3.2 times as many documented incidents of fraud, identity theft, and other cybercrimes.
In the Last 20 Years
It’s impossible to say exactly how many cybercrimes took place in the 1980s and 1990s, since many took place before systems were in place to monitor them properly. But going back to the Consumer Sentinel Network report for 2006 shows just 670,000 reported incidents of fraud and identity theft—a clear sign that the number has ballooned over time.
What Are the Costs of Cybercrime?
The quantity of cybercrimes alone isn’t enough—it’s vital to know how much they can cost you as well. Let’s take a look at the available data.
In the Last 5 Years
Cybercrime caused a total of $6 trillion in damages around the world by the end of last year—and that number is expected to jump to $10.5 trillion by 2025.
In the Last 10 Years
The previous decade saw much lower costs associated with cybercrime. For example, in 2011, the Norton Cybercrime Report estimated the total costs—including the value of lost time—to be no more than $388 billion.
In the Last 20 Years
Hard data estimating global losses from cybercrime in the early days of the internet is difficult to come by—but archived news reports from those years often list figures in the tens of millions. The fact that these (relatively) small numbers were so notable in the 1980s and 1990s is a testament to how aggressively the costs of cybercrime have grown in the years since.
What Types of Businesses Are Most Vulnerable to Cybercrime?
As noted earlier, every organization and individual can be a victim of cybercrime—but some are more likely to be attacked than others. The rule of thumb here is: the more you have to lose and the easier it is to steal, the more overall risk you face.
Remember: the goal of most cybercriminals is to steal as much as they can with the lowest possible cost. There are exceptions—such as when cybercrime is used by terrorists, state-sponsored hackers, or other politically-motivated parties. However, the majority of targets are selected for the potential payoff they represent and the ease with which they can be breached.
Organizations in G20 countries face the highest amount of risk. The industries most often attacked include the healthcare, financial, military/government, education, and energy sectors.
Cybercrime vs. Traditional Crime: Finding the True Cost
One easy way to see the impact of cybercrime is to weigh the numbers we have against the costs of traditional crimes like tax or welfare fraud. One study estimates that these traditional methods of theft cost the average citizen a couple hundred dollars per year.
As for the cost of cybercrime? Well, let’s take our number from earlier—$6 trillion in damages around the world by 2022. Divide that by the roughly 7.5 billion people who live on earth, and you get $800. That’s assuming the burden is shared equally, which we know it isn’t. If you live in a G20 country, you’re probably paying a lot more.
Knowing that, it’s vital to ensure you and your organization are as well-protected from cybercrime as possible. Get help establishing and maintaining a cybersecurity posture you can count on when you contact us and speak with an IT expert who can help you find peace of mind.