Cybercrime: The 21st-Century Criminal Threat
By Nadav Morag, Ph.D., University Dean of Security Studies
We live in what is, for all intents and purposes, a digitized world. In the developed world, virtually all forms of personal data, from bank account information, to hotel reservations, to shopping habits, are transmitted via the Internet (or various Intranet systems) and stored on computer databases. This has created tremendous efficiencies for businesses (and government) and has opened up spectacular opportunities and conveniences for consumers. There can be little doubt that the computerization of our world has provided unheard-of benefits, and we are still only in the early stages of this digital revolution. At the same time, technological change, and the social changes it brings about, also has negative aspects. Just as the advent of motor vehicles increased pollution and urban sprawl (but who would go back to the horse and buggy?), the digital revolution has had negative consequences, ranging from lack of exercise among children, to a reduction in the number of books read by the younger generation. However, one of the most insidious effects of the creation of a computer and Internet-based economy and culture has been the rise of cybercrime.
Cybercrime, as distinct from cyber-espionage (which is designed to steal government or corporate secrets) and “hacktivism” (which is designed to disrupt computer networks or steal data in order to make a political statement), is a growing problem that has a profound impact on the economy of the United States and other developed countries. One estimate suggests that cybercrime may cost the United States as much as $100 billion per year, or about 500,000 jobs. The estimates regarding how much money cybercrime has cost the global economy range into the hundreds of billions of dollars, although it is admittedly hard to settle on an exact amount since there is no single database on such activities, and since many governments and corporations do not share information on cyber-attacks for fear of harming their reputations or highlighting vulnerabilities.
According to an analysis by the Center for Strategic and International Studies (CSIS), cybercriminals engage in activities ranging from selling business information and intellectual property to stock-market manipulation. In addition, they cost businesses money due to the need to secure networks and cope with service disruptions. Even with these measures, businesses suffer reduced trust on the part of consumers who are reluctant to engage with hacked companies.
Besides the larger-scale economic threat, cybercrime’s impact is often most troublesome and immediate for individuals who have been defrauded by cybercriminals posing as legitimate businesses, or who have had their personal data stolen and identities compromised. According to a report by the United Nation’s Organization on Drugs and Crime (UNODC), the most profitable form of cybercrime is identity theft, which generates as much as $1 billion in annual profits globally. According to UNODC, individual levels of victimization are considerably higher for cybercrime as opposed to traditional crime and, despite what might be expected given the digital saturation of the developed world, levels of victimization are even higher in countries with lower levels of economic development.
Profits from cybercrime are also fueling a new generation of criminals in organized crime with established gangs engaging in cybercrime as part of their portfolio of illegal activities, and with new organizations being created on the basis of cybercrime. According to UNODC, more than 80 percent of cybercrime is carried out through some sort of organized criminal activity ranging from gangs to cybercrime black markets. The same study points out, however, that the ready availability of malware tools portends an increasing number of non-affiliated individuals with little or no technical expertise who can and will engage in sophisticated cybercrimes.
While much more can be said about the nature of this comparatively new criminal threat, there is no question that it is a growing problem. And while ordinary cybercrime thankfully does not involve physical violence (as opposed to, say, muggings or bank robberies), it is far from a victimless crime.
Nadav Morag, Ph.D., is university dean of Security Studies at CTU. He works on projects for the Department of Homeland Security and the Department of Defense, and he is a published author on terrorism, security strategy and foreign policy. Connect with Dr. Morag on Twitter.
Image Credit: Flickr/elhombredenegro