[Question] Is cybercrime really costing trillions per year?

Many sources report that cybercrime costs the global economy trillions of dollars per year. It is the top Google search result and it is quoted on Wikipedia. But I am not able to track down how the number was computed, or find criticism of these numbers.

This would be insanely high if true: the world GDP is only 100 trillion / year, and the software industry is only around 1 trillion / year (according to a quick Google search). Does the software industry really produce less value than the cost of cybercrime? This is not impossible, but that is an extraordinary claim that requires strong evidence.

Why I care about this: LLMs might help with cybercrime, and it might be tempting for regulators to ban the creation or deployment of new LLMs that are projected to cause cybercrime damages above e.g. 10 billion / year. But if cybercrime is over a trillion dollars per year, just a 1% increase in cyberattacker productivity would be over 10 billion / year. Does this logic imply that meaningful improvements to software should be banned because they likely create billions in expected damages?

Either the trillions-of-dollars numbers are fake, or this has some weird implications for LLMs and software regulation in general.