
Cybercrime To Cost The World $12.2 Trillion Annually By 2031
– David Braue, Editor-at-Large
Melbourne, Australia – May 28, 2025
Cybercrime is predicted to cost the world $10.5 trillion USD in 2025, according to Cybersecurity Ventures. If it were measured as a country, then cybercrime would be the world’s third largest economy after the U.S. and China. This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, is exponentially larger than the damage inflicted from natural disasters in a year, and will be more profitable than the global trade of all major illegal drugs combined.
Global cybercriminal activity has grown so large that, after years of rapid expansion, Cybersecurity Ventures believes the sector’s sheer economic weight will see growth plateau at 2.5 percent annually through 2031, at which point cybercrime will cost the world $12.2 trillion annually.
“Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, reputational harm, legal costs, and potentially, regulatory fines, plus other factors,” said Steve Morgan, founder of Cybersecurity Ventures.
As nation-state and cybercriminal gangs steal cryptocurrency and tap new technologies like generative AI (GenAI) to refine their attacks, there is only so much money to steal.
That means it’s getting harder for cybercriminal enterprises to continue scaling their takings, with new attack techniques evolving but organizational structures also evolving to protect the sector’s momentum in the face of increasing scrutiny by law enforcement authorities.
Cybercriminals have proved resourceful in adapting to the changing enforcement environment, however: “Based on the inconsistent laws and difficulty in prosecuting, cybercrime unfortunately is easy to commit and very hard, if not impossible, to stop,” said Dr. Eric Cole, a former CIA hacker and founder of cybersecurity consultancy Secure Anchor.
Because it largely relates to financial losses suffered by companies and individuals well outside of our own worldviews, Cole refers to cybercrime as a “silent killer”.
“The problem in cybersecurity is that we’ve never had numbers,” he told Cybercrime Magazine. “It has always been a problem, but it wasn’t visible. By monetizing it, and when you go in to say that it’s a trillion dollar problem, that wakes people up [and they realize] that it is happening.”
Cybercrime Magazine’s annual report will delve into the growth and structure of cybercrime’s significant global economic force – a self-sustaining human enterprise that, by transcending borders and flouting the international laws that bind even conventional hostile nation-states, has become one of the biggest threats the world economy has ever known.
2025 Official Cybercrime Report
To understand the magnitude of the modern cybersecurity threat, it’s instructive to think of the global cybercrime industry as a country. Let’s call this rogue state Cyber Rica.
With gross domestic product (GDP) of $10.5 trillion this year, Cyber Rica’s economy is one-third of that of the U.S. – whose GDP this year will be around $30 trillion – and two-thirds as large as that of China, with GDP of $19.2 trillion.
Third-place Germany, by contrast, will have a GDP of around $4.7 trillion this year – meaning that in 2031, the residents of Cyber Rica will be collectively stealing and causing harm that equals the GDPs of Germany, India ($4.2 trillion), and Japan ($4.2 trillion) combined.
That’s $386,000 worth of harm caused by cybercriminals per second – up from $333,000 per second in 2025 – or a monthly impact of $1 trillion, which is more than the GDP of all but the world’s 19 largest countries.
For any other country, such accumulation of wealth would be a laudable achievement – but the massive amount of money at play in Cyber Rica comes at the expense of the citizens and businesses of other countries, who face relentless and unceasing assault from crypto scammers, data-scraping botnets, credential theft, identity theft, card theft, and the outright extortion that once-straightforward ransomware has now become.
The citizens of Cyber Rica, in other words, are leeches – taking from the world’s other residents but giving nothing back.
Diversity, but not the good kind
Just who the criminals are is usually hard to discern until authorities announce another major bust – but cybercriminals are unquestionably a diverse bunch, operating in every country and speaking a broad range of languages.
There are signs that a few nationalities have come to dominate the landscape: Russia’s cybercriminal underground, for example, is “the most sophisticated, resilient, and impactful ecosystem within the global cybercrime landscape,” a recent Trend Micro analysis found in breaking down Russian cybercriminal activities that extend across real-world nations ravaged by the overlapping motives of nation-state actors and profit-driven cybercriminals.
Citing “cultural factors” and a Russian educational mindset that emphasized mathematics, engineering and problem-solving skills, the firm’s security team said, in that country “individuals can acquire strong technical skills, lowering the barrier to entry into cybercrime.”
“Many young individuals, even before graduating, already possess enough knowledge to take on basic underground activities and may even already be well-integrated into the cybercriminal supply chain.”
Adoption of new technologies, “evolving cybercriminal business processes”, and geopolitical events such as the Russia-Ukraine cyber war being run in parallel to the kinetic war, had seen Russian cybercriminals expanding their activities into new areas such as telecommunications infrastructure and IoT devices.
“When combined with shifts in financial and logistical operations due to sanctions,” the Trend Micro team found, the success of Russian-speaking cybercriminals “highlights the underground’s adaptability and resilience.”
Cyber Rica’s other dominant faction is made up of Chinese hackers, who, unlike Russia’s largely mercenary cybercriminals, are often characterized as offensive extensions of the Chinese government – who actively probe and compromise major foreign commercial, industrial, critical infrastructure, and government interests to further that country’s bellicose, expansionist political agenda.
With the FBI calling out the Chinese government’s “brazen cyber intrusions” and calling that country’s cybercriminal activities “a grave threat to the economic well-being and democratic values of the U.S.,” the Department of Justice has been working overtime to track down Chinese government-backed actors.
This includes the Mar. 2025 charges laid against dissident-targeting group Aquatic Panda, an “ecosystem of cyber mercenaries” that Justice Department National Security Division head Sue J. Bai said had been directed by Chinese government agents to run “indiscriminate and reckless attacks against computers and networks worldwide.”
Other cybercriminal activity mirrors geopolitical hotspots, with recent disruptions of efforts by terrorist groups like Hamas – which was recently caught fundraising cryptocurrency in violation of an Apr. 2023 promise not to do so – and Yemen’s Iran-backed Houthis, which were found to have sent and received over $1 billion in funds, receiving foreign support and paying cryptocurrency to Russian actors for arms and stolen Ukrainian grain.
Authorities have also flagged the concerning revelations that a growing number of Southeast Asia criminals are forcibly recruiting people into indentured labor in ‘scam factories’, where they are held and forced to run scams against victims in Western countries and across the world – part of the reason scammers were able to push global scam losses past $1 trillion last year.
Cryptocrime has become business as usual
Although much of today’s cybercriminal activity can be traced back to Russia and China, they’re not the only citizens of Cyber Rica that the world’s businesses and governments need to watch out for.
North Korea’s Lazarus Group hackers, for example, have been targeting LinkedIn users with malware and are now the world’s most proficient thieves of cryptocurrency – with their record Feb. 2025 hack of $1.5 billion worth of cryptocurrency from the Bybit exchange just the latest in a series of heists and sneaky employment plants that have netted the group more than $6 billion worth of crypto since 2017.
Such attacks target the repositories of cryptocurrency, exploiting stolen passwords, manipulated customers or technical vulnerabilities in crypto wallets and exchanges to siphon out often dizzyingly large amounts of crypto.
Yet crypto is not just a prize of cybercriminals; it’s also the coin of the realm in Cyber Rica, with police seizures of cybercriminal enterprises regularly confiscating large amounts of crypto that has for many people become associated with criminal activity: the May closure of crypto platform eXch, for example, saw over $38.2 million in crypto seized.
“Cryptocrime isn’t just growing, it’s fundamentally transforming,” cryptocurrency security firm Chainalysis noted upon the release of its latest Crypto Crime Report, which estimated total proceeds of crypto crime at more than $51 billion during 2024 – comparable to the annual revenues of pharmaceutical giant and Fortune 500 company Novartis.
“What once revolved primarily around cybercrime has expanded into a vast, sophisticated illicit economy deeply intertwined with national security, geopolitical conflicts, and transnational criminal enterprises engaged in drug, human, and wildlife trafficking, as well as violent crime.”
Cybercriminals are still up to their old tricks
Although cryptocurrency has begun to rival the time-honored U.S. dollar as a way of facilitating illegal cross-border activities in the real world, its use in such activities is only part of the broader Cyber Rican economy – which owes a large portion of its GDP to time-tested revenue earners that continue to steer rivers of gold into the coffers of cybercriminal enterprises.
Verizon’s 2025 Data Breach Investigations Report (DBIR) shed some light on just how these funds are being secured, noting that cybercriminals became significantly more aggressive over the past year – with system intrusions accounting for 53 percent of analyzed data breaches, up from 36 percent the year before.
Web application attacks were also up, from 9 percent to 12 percent of breaches, while – in a surprise finding that likely reflects cybercriminals’ increasing proficiency in identifying and exploiting vulnerabilities in cloud platforms and applications – social engineering was actually down year on year, from 22 percent of breaches to 17 percent.
Today’s cybercriminals, in other words, will still happily track and trap their victims via social media but they are increasingly happy to forgo the niceties and use other techniques to go straight where the money is, with ransomware surging 37 percent year-on-year.
A breakdown of the methods cybercriminals are using shows many of the old favorites – credential abuse was involved in 22 percent of breaches, while vulnerabilities were exploited in 20 percent and phishing used in 16 percent of breaches.
That said, the DBIR flagged a decline in the amount of the average ransomware payment – from $150,000 to $115,000 – and an increase in the proportion of companies that refuse to pay ransoms, up from 50 percent to 64 percent last year.
Significantly, Verizon noted a 17 percent year-on-year surge in the proportion of espionage breaches driven by state-sponsored actors who were also noted to have financial motives in around 1 in 4 incidents – suggesting that threat actors are “double-dipping to pad their compensation” in a move that would also boost the GDP of Cyber Rica.
Breaches are becoming more expensive
Nobody knows just how many cybercriminals live in Cyber Rica, but the numbers are sure to be significant – with conventional criminal organizations now well established in the sector and operating expansive, well-staffed organizations with reporting structures, benefits, specialized departments, and other functions that wouldn’t be out of place in a Fortune 500 company.
Their goal: to continue systematically milking the revenue streams of the world’s business community – and judging by the multi-trillion-dollar industry they’ve created, they’re succeeding handsomely.
They’re also causing significant damage in the process: the latest IBM-Ponemon Institute Cost of a Data Breach report found that the average cost of a data breach increased by 10 percent between 2023 and 2024, to $4.88 million on average.
Not all of this goes directly to Cyber Rica’s treasury, however: much lies in the cost of recovery for businesses hit by breaches, with the 604 surveyed organizations reporting significant cost hits from business interruption and incident recovery.
“This is not necessarily the direct cost of the data breach to the organization, but actually the knock-on impacts of a breach,” IBM Security global strategy leader Sam Hector explained in a webinar highlighting the report’s findings – which included the revelation, supported by Verizon’s reports of a surge in the targeting of web applications, that many companies are struggling to adopt hybrid cloud platforms securely.
“Many organizations are adopting hybrid cloud infrastructure and SaaS applications for productivity and cost efficiency reasons,” Hector explained, “but what we’re seeing from that is an increase in difficulty of managing and securing the data on those platforms, which is again leading to higher breach costs.”
Where technological compromises are too hard, business email compromise (BEC) attacks are continuing to prove extremely successful as cybercriminals use social engineering – and, in a growing number of cases, generative AI-based video deepfakes – to trick employees into sending them often sizeable amounts of money.
Cybercriminals often take a different approach with individuals – either building relationships with their victims to manipulate them into sending a large number of relatively small transfers, or using stolen credit card and other details to drip-feed money in amounts so small that the victims don’t notice until their money is gone.
“Stealing $100 million or your entire life savings isn’t feasible with security measures that are in place, and attackers know that,” Cole said.
“So instead, they go in and add $10 or $20 to each invoice or account. They’re not going in and dumping the bucket of water; they’re poking small holes – and you don’t notice it until it gets really, really bad.”
New technologies further complicate the agenda
Even as industry watchers trace cybercriminals’ footsteps across the world, new technologies have complicated the chase – with GenAI, in particular, proving to have done exactly what pundits feared it would do: help cybercriminals craft and execute better, more convincing, and more personalized campaigns than ever before.
Security researchers have, unsurprisingly, uncovered growing evidence that cybercriminals are using GenAI tools to improve the efficiency and yield of their campaigns – with Check Point Research’s recent AI Security Report 2025 flagging the use of the technology for malicious activities like AI-enhanced impersonation and social engineering, LLM data poisoning and disinformation, AI-created malware and data mining, and the weaponization and hijacking of AI models on which built-in safety controls have been disabled.
According to UK cybersecurity firm Darktrace, 78 percent of the more than 1,500 security executives responding to a recent survey said that AI-powered threats are having a significant impact on their organizations – with many admitting they lack the knowledge, skills, and personnel to successfully defend against those threats.
“The impact of AI on cybersecurity is clear and increasing,” said CEO Jill Popelka, who warned that “adversaries are using it to make their attacks more targeted, scalable, and successful… in a highly volatile geopolitical environment that is creating more uncertainty.”
With cybercriminals’ use of GenAI already normalized, companies hoping to defend against those increasingly effective attacks must fight fire with fire – embracing AI-powered solutions capable of adapting to cybercriminals’ ever-changing attacks.
Also new on the list of priorities for 2025 is the need for CISOs to develop strategies to deal with the imminent threat of cryptographically relevant quantum computers (CRQCs) – which, when they become available around the end of the decade, will be able to break the data encryption routines used to protect every secure system and data in the world.
A family of post-quantum cryptography (PQC) algorithms was recently released by the National Institute of Standards and Technology (NIST) after nearly a decade in development – and the race is on for CISOs to drive enterprise-wide migration programs that can implement the new technologies before cybercriminals get their hands on CRQCs.
While those computers are still years off, there are reasons why Cybersecurity Ventures’ predictions of slow and steady cybercrime growth only run through 2031: once the long-feared Q-Day arrives, all bets are off.
Cyber Rica could well see a surge in revenues after that, as CRQCs deliver yet another new way for cybercriminals to further increase its revenue base – particularly if, as many now fear, they are stockpiling encrypted corporate data for later decryption in so-called harvest now, decrypt later (HNDL) attacks.
Whatever your role or industry, cybersecurity now almost certainly touches it. Emboldened and empowered by new technologies and iteratively refined old attacks, cybercriminals continue to ravage the world’s legitimate economies – diverting trillions in GDP that could have been otherwise used to fund business expansion, support social good, or just to help everyday citizens retire in dignity.
This, then, is the state of cybercrime vs. cybersecurity in 2025: a hard-fought, never-ending battle between cybercriminals with dollar signs in their eyes and increasingly savvy authorities with their sights set on bringing those criminals to justice.
Businesses and individuals are caught in the crossfire – but by prioritizing proactive defensive mechanisms, and working to stay ahead of the threats posed by new technologies like GenAI and quantum computing, you can make 2025 the year that you truly position yourself to meet the challenges that are still yet to come.
“When the founding fathers created the constitution, they did not envision the digital data and digital infrastructure that we have today,” Cole said, noting that laws must continue to evolve to meet the privacy and security challenges of today’s cybersecurity environment.
“We are at war,” he said, “and government, companies, and individuals are all potential targets of cybercrime. It does not matter who you are or what you do; everyone must recognize they are a target and cybersecurity is their responsibility.”
SPONSORED BY SECURE ANCHOR
The 2025 Official Cybercrime Report is sponsored by Dr. Eric Cole, a globally recognized cybersecurity expert, entrepreneur, and best-selling author with over 30 years of experience protecting the digital world. He started his career hacking for the CIA, then went on to advise Fortune 50 companies, global banks, and U.S. government agencies, including a presidential commission on cybersecurity. He’s built and sold three companies with eight-, nine-, and ten-figure exits. Today, he leads Secure Anchor Consulting and serves as America’s Cyber Czar, focused on one thing: protecting what matters most in an age of relentless digital risk.