Cyber crime is a growth industry worth between £220bn and £340bn every year – more than the national income of most countries in the world.
That is the claim of McAfee, the security software vendor now owned by semiconductor giant Intel.
As a percentage of GDP, the sum lost to cyber crime far exceeds maritime piracy, and more or less matches counterfeiting and illegal narcotics, claims McAfee.
Brazil was criticised in particular for its especially weak laws against cyber crime, although local cyber criminals have not (yet) turned their attention to the rest of the world. One-third of Brazilian companies have been victims of cyber crime, according to a survey of local businesses, with at least five per cent suffering financial losses.
"These factors make Brazilian cyber criminals successful locally, but there is little to prevent them from turning to a global crime. Brazil also faces external cyber threats, and information on the Brazilian economy from key crops – from soy beans to oil production – are targets," claimed the report.
India, meanwhile, "appears to be the 'ransomware' capital of Asia-Pacific", while across the former Soviet Union there are 20 to 30 cyber crime groups that enjoy "nation-state level capacity", according to the report. In other words, they enjoy protection or patronage reaching up into the higher reaches of government.
"These groups have repeatedly shown that they can overcome almost any cyber defence. Financial crime in cyberspace now occurs at industrial scale," claims the report.
However, while the report criticised laws and conventions in a number of parts of the world that positively facilitate cyber crime, it did not provide its methodology for working out the costs.
Last year, the security software company admitted that the $1tr cost that it had guestimated for cyber crime was probably "over the top".
Successful leaders are infusing analytics throughout their organisations to drive smarter decisions, enable faster actions and optimise outcomes
Focus on cost efficiency, simplicity, performance, scalability and future-readiness when architecting your data protection strategy