Cybercrime will cost $12TN next year, say experts


The cost of cybercrime will reach $12 trillion by 2025, according to a volunteer group of analysts and experts.

Given that the global cost for next year was previously estimated by Cybersecurity Ventures at $10.5 trillion, the latest and more recent claim by the Computer Crime Research Center (CCRC) – although higher – does not seem far-fetched.

The CCRC cited other cybersecurity research by CheckPoint and Orange Cyderdefense, which noted consistent growth in cyberattacks and ransomware in the past year.

But most of all, it seems to fear the rise in attacks enabled by artificial intelligence (AI), which it said had been linked by Palo Alto’s threat research team to a rise in the number of malicious domains being registered.

“In particular, the threat landscape surrounding artificial intelligence (AI) is expanding aggressively where attackers use sophisticated linguistic techniques, including increased text volume, punctuation, and sentence length,” said the research body.

“The trend suggests that generative AI allows threat actors to craft sophisticated and targeted attacks at speed and scale,” it said, adding that the next two years “will see threat actors adopting AI to expand every aspect of their offensive toolkit.”

It added: “AI will be adopted to deliver more cost-efficient, rapid development of new malware and ransomware variants.”

And as 2024 brings dozens of countries to the polls in what has been described as a record year for the number of elections, “deepfake technologies will take phishing and impersonation attacks to a new level.”

The CCRC further warns that businesses may see the benefits accrued through their uptake of AI eroded by its deployment against them by cybercriminals.

“Businesses will embrace AI but be threatened by its use in novel cyberattacks,” it said, warning that older models of cybersecurity could prove insufficiently protective. “There is also a risk that the dynamic character of AI-driven attacks could make static defense mechanisms ineffective.”

Though CCRC contributors acknowledge that senior executives have finally begun to take the threat of cyberattacks more seriously, it warns that more needs to be done to tackle the growing issue.

“The number of key events in 2023 in relation to cyber threats has been overwhelming and versatile in terms of impact to an organization or government body,” it said. “There needs to be greater involvement at the executive board level by driving cybersecurity risk governance and steering committees to help minimize the risks imposed on the company or government entity.”

Set up in 2001 to take a forensic approach to the study of cybercrime, the CCRC describes itself as a voluntary non-profit scientific research body. Although its foremost contributors are cybersecurity experts from Ukraine, it claims no specific nation-state affiliation.