Does Cybercrime Really Cost $1 Trillion?

Gen. Keith Alexander is the director of the National Security Agency and oversees U.S. Cyber Command, which means he leads the government’s effort to protect America from cyberattacks. Due to the secretive nature of his job, he maintains a relatively low profile, so when he does speak, people listen closely. On July 9, Alexander addressed a crowded room at the American Enterprise Institute in Washington, D.C., and though he started with a few jokes — his mother said he had a face for radio, behind every general is a stunned father-in-law — he soon got down to business.

Alexander warned that cyberattacks are causing "the greatest transfer of wealth in history," and he cited statistics from, among other sources, Symantec Corp. and McAfee Inc., which both sell software to protect computers from hackers. Crediting Symantec, he said the theft of intellectual property costs American companies $250 billion a year. He also mentioned a McAfee estimate that the global cost of cybercrime is $1 trillion. "That’s our future disappearing in front of us," he said, urging Congress to enact legislation to improve America’s cyberdefenses.

These estimates have been cited on many occasions by government officials, who portray them as evidence of the threat against America. They are hardly the only cyberstatistics used by officials, but they are recurring ones that get a lot of attention. In his first major cybersecurity speech [1] in 2009, President Obama prominently referred to McAfee’s $1 trillion estimate. Sen. Joseph Lieberman, I-Conn., and Sen. Susan Collins, R-Maine, the main sponsors of the Cybersecurity Act of 2012 that is expected to be voted on this week, have also mentioned $1 trillion in cybercrime costs. Last week, arguing on the Senate floor in favor of putting their bill up for a vote, they both referenced the $250 billion estimate and repeated Alexander’s warning about the greatest transfer of wealth in history.

More