The British government has released a report on the annual cost of cybercrime to the United Kingdom. The study mechanism seems greatly flawed, in that it relies almost exclusively on published reports and expert opinions, rather than on any structured gathering of information from victims.
The news was announced in the press this week, for example in the Independent.
They came up with a 2010 annual cost of cyber crime of £27 billion (or $43 billion US Dollars). If the costs were projected evenly from the $2.2 trillion UK economy to the $14.1 trillion US economy, that would estimate our own costs of cybercrime at $275 billion (roughly 6.4 times larger economy.) There is no basis to believe that projection is accurate, but the scale is probably similar.
The study was paid for by the OCSIA, the Office of Cyber Security and Information Assurance. It was conducted by Detica, a BAE Systems company.
The full 32 page report is available from the Cabinet Office
They place costs at:
£3.1 billion to citizens with
£1.7 billion in Identity Theft
£1.4 billion to online scams.
£2.2 billion to the government
£21 billion businesses of which:
£9.2 billion in Intellectual Property theft
£7.6 billion in industrial espionage
£2.2 billion in extortion
£1.3 billion from direct theft
£1 billion in costs related to lost customer data
The Intellectual Property theft was certainly not evenly distributed. They put the most likely industries as:
£1.8 billion = pharmaceuticals & biotech
£1.7 billion = electronic & electrical material
£1.6 billion = software & computer services
£1.3 billion = chemicals
£800 million = automobiles & parts
£800 million = non-profits
£400 million = aerospace & defence
The greatest risk in Intellectual Property theft was believed to be untrustworthy insiders who fell to the pressure of bribery.
The Espionage Impact was largely in three areas:
£2.1 billion = financial services
£1.6 billion = mining
£1.3 billion = aerospace and defence
£900 million = software & computer services