Cybercrime puts Americas competitive edge and economic future at risk; however, there is some debate as to the extent that this activity is impacting economic activity. This report examines a selection of the current estimates of U.S. losses due to cybercrime. Many have questioned the validity of estimates of cybercrime losses, concluding that they are so compromised and biased that no faith whatever can be placed in their findings (Florencio and Herley 2016). Some approximations are potentially underestimating/overestimating the losses due to under sampling. Others do not report out data that lend themselves to estimating national aggregated losses. It is difficult to substantiate sampling issues, as the methods used are often only partially documented, a problem in and of itself; however, most acknowledge that there are serious data limitations. To address the issues and challenges raised, this report does the following: -Identifies and utilizes data with a large sample size -Utilizes data that fully discloses methods and results -Utilizes data that is collected and reported by an organization experienced in data collection and reporting -Estimates a range of losses by making assumptions that bias the upper estimate upward and the lower estimate downward -Stratifies loss estimates by industry groupings -Examines national losses as opposed to global losses The 2016 losses are estimated to be between $167.9 billion and $770.0 billion or between 0.9 % and 4.1 % of U.S. GDP, a substantial amount of loss that is based on business estimates of their losses. For manufacturing, the loss is between $8.3 billion and $36.3 billion or 0.4 % and 1.7 % of manufacturing value added.
Advanced Manufacturing Series (NIST AMS) - 100-32
cybercrime, economics, loss, manufacturing, GDP, gross domestic product, value added, crime