Last April, I started a conversation with cybersecurity company Bromium. The company was keen to uncover where the streams of revenue generated by cybercrime eventually go and whether this money is ultimately supporting other areas of crime. Over the past 10 months, I have been examining this question, and I must say there have been some eyebrow-raising findings.

While there has been a lot of research into areas such as the “cost” and the mechanisms of cybercrime, there is far less awareness and understanding of how cybercrime functions as an integrated set of criminal practices. As a result, the tech community tends to focus on technical factors, such as malware types, security holes, and how to prevent certain types of attacks. My goal was to get a better sense of how the cybercrime economy works.

Cybercrime revenues reach $1.5 trillion

Though it constitutes a relatively new criminal economy, cybercrime is already generating at least $1.5 trillion in revenues every year, according to my research. This is a conservative estimate, based only data drawn from pnly five of the highest profile, most lucrative varieties of revenue-generating cybercrimes:

Looking at cybercrime revenues gives us a new way of understanding these offenses compared to measuring cybercrime in terms of the losses it causes. The earnings of individual cybercriminals within such categories exceed their counterparts in the traditional crime world. And while total revenue from traditional crime is probably still higher overall, it is by no means clear how long this will continue – especially given the increasing…