The Countries with the Biggest Cybercrime Budgets

How Much Does Each Country Spend Fighting Cybercrime?

As we enter an economic downturn, cybercrime rates, inclusive of online fraud, are certain to naturally increase. The Federal Trade Commission reported that consumers lost $5.9 billion to fraud in 2021 and it received 2.8 million reports of fraud from consumers. The rate of fraud in 2021 rose by over 70% compared to the previous year, likely impacted by the COVID-19 pandemic.

Anyone can fall victim to hackers, fraudsters, scammers and other online criminals, from employees to small businesses and even large corporations, and cybersecurity awareness and prevention is essential for any company.

At SEON, we wanted to discover which countries lose the most money to online crime and fraud annually, so we looked at the amount of money lost by each nation’s economy and the relevant government department’s cybercrime budgets.

We’ve compared this to each country’s Global Cybersecurity Index Score to find which countries lose the most to online fraud. We also looked into the most common types of fraud faced by countries around the world, and how an economic recession could impact the risk of cybercrime overall.

Our research shows that some countries dedicate significantly larger amounts of money to fraud detection than others, with South Korea and the United States ranking towards the top of our list, while countries including France and the Netherlands lose less money to fraud, yet still rank highly on the Global Cybersecurity Index.

The countries most worried about cybersecurity and fraud may also be those less at risk of cybercrime, as our recent Global Cybercrime Report found Germany and the United States among the lowest-risk countries for cybercrime.

Which Countries Lose the Most Money to Cybercrime?

1. South Korea – Cost of Cybercrime: $72bn – GCI Score: 98.52

South Korea is one of the countries most affected by cybercrime in terms of monetary loss. The South Korean economy lost an estimated $72 billion in one year, according to Microsoft Korea.

The study revealed that the move towards using cloud technology and mobile computing could create more opportunities for cybersecurity threats. As a global leader in electronics and technical advancements, South Korean businesses risk falling victim to fraud, although many are implementing AI to combat security breaches.

South Korea has the third highest Global Cybersecurity Index Score of all the countries on our list, meaning that they have one of the highest commitments to raising awareness of the importance of cybersecurity protection on a global scale.

2. United States – Cost of Cybercrime: $4.1bn – GCI Score: 100

The FBI’s Internet Crime Report details the US economy lost a reported $4.1 billion to cybercrime in 2020. With 791,790 businesses affected by online fraud, the US is one of the countries most experiencing cybercrime.

These figures are estimated to be just the tip of the iceberg of the threat to US businesses, as they were collected only from reports of cybercrime made by the public. The risk of online fraud could also be increasing, with the Internet Crime Report identifying a 69% increase in the number of cybercrime reports compared to the previous year.

The US has the highest Global Cybersecurity Index Score of all the countries on our list, demonstrating its commitment to raising awareness of cybersecurity protection on a global scale.

3. Germany – Cost of Cybercrime: $2,610,520,217 – GCI Score: 97.41

German businesses spent around $2,610,520,217 on combating cybercrime, with 53% spent on security and the remainder put toward hardware and software.

Germany is also in the top 10 on our list for its Global Cybersecurity Index Score, which is 97.41, assessing aspects like legal and technical measures, capacity development, and cooperation.

What’s the Most Common Type of Fraud in Each Country?

Leaks of internal information: Most common fraud type in the Middle East, Sub-Saharan Africa, Brazil, Mexico, Japan, and Colombia

The Kroll Global Fraud and Risk Report identifies leaks of internal information as the most common type of fraud in many countries and industries.

This fraud type covers incidents of confidential information being revealed to unauthorized persons or parties, and is an increasingly volatile issue in the move towards increased use of online technologies. As more employees are targeted by phishing scams – including what is known as CEO fraud, where someone pretends to be upper management to get employees to disclose information or transfer funds – information is sent to a malicious recipient, or information is shared via non-secure platforms, the risk of leaking sensitive data becomes more likely.

Disruptions due to sanctions, tariffs, and changes in trade agreements: Most common fraud type in the United States and Italy

According to the Kroll Global Fraud and Risk Report, the most common kind of fraud faced by the US and Italy are those due to disruptions from sanctions, tariffs, and changes in trade agreements.

This kind of fraud can become more frequent amidst changes in international data sovereignty legislation as well.

Notably, the Secure Equipment Act of 2021 saw the US ban Chinese tech companies such as Huawei and ZTE from getting approval for network equipment licenses in the country, in an attempt to combat online fraud.

Adversarial social media activity: Most common fraud type in Canada

With the increased use of social media in businesses and the workplace, the Kroll Global Fraud and Risk Report identifies adversarial social media activity as the most common fraud type in Canada.

Involving the creation of fake user accounts on social media platforms like Facebook, Instagram, and Twitter, the goal of fraudsters is to trick people and company employees into providing information.

While machine learning strategies have been implemented by many businesses to combat these kinds of scams, the threat of fake accounts is not yet eliminated. Currently, it is the responsibility of major platforms and brands to narrow the security gap by moderating the content produced and by performing checks on their users more frequently to reduce the threat. 

Data theft: Most common fraud type in India

In India, the Kroll Global Fraud and Risk Report names data theft as the most common type of cyber fraud.

Involving the theft of confidential information stored on corporate databases and servers, data theft is a significant threat to businesses of all sizes.

Some data theft is unintentional, as in cases where a departing employee retains access to information, but most is a result of hackers taking advantage of poorly implemented security measures.

IP theft: Most common fraud type in China

In China, the most common type of fraud is the theft of intellectual property, as outlined by the Kroll Global Fraud and Risk Report.

Intellectual property theft involves stealing ideas, inventions, trade secrets, and creative expressions from individuals or from a company. This can include proprietary products, original music, and software.

Reputational damage due to third-party relationship: Most common fraud type in the United Kingdom

The Kroll Global Fraud and Risk Report identifies reputational damage due to negative third-party relationships as the most common fraud type in the UK. 

As more organizations turn to third-party sources to achieve their security goals, in-house checks are not always the highest priority. However, lapses in vigilance potentially allow for breaches. The use of third-party fraud prevention resources is predicted to increase in the future as more options for providers become available. It is essential that businesses protect themselves from fraud by keeping their contracts updated to align with the latest local mandates, as well as vetting third-party suppliers to ensure their sensitive data is only used as authorized.

What’s the Effect of a Crisis on Fraud?

As we prepare to enter a financial downturn, we look to past data to understand what we can expect in the future. In the study “Occupational Fraud: A Study of the Impact of an Economic Recession”, an analysis of the economic recession of 2008–2009, the Association of Certified Fraud Examiners underlines that there is likely to be increased fraud risk during times of economic downturn.

55.4% of survey respondents noticed an increase in the number of fraudulent transactions during March 2009 compared to the previous year.

48.9% of the respondents also noticed an increase in the dollar amount of the fraud perpetrated, indicating an economic recession could provide a climate that makes online fraud more likely.

While 27.1% of survey respondents cited the increased opportunity for fraud as a motivating factor for the increase, 49.1% explained the rise was due to increased pressure in the workplace.

The incipient economic recession is different from that of 2008 because of the technology that has developed on both sides of the fraud battlefield. Our reliance on cloud technology and digital services today could create an environment where cybercrime is more likely to arise.

As well, in the wake of COVID-19, consumers use online services to a much higher degree and are encouraged to use contactless payments when shopping in-store, giving rise to CNP fraud.

As the economy trends downward, the risk of phishing attacks is rising, with phishing emails claiming to have information on COVID-19 cures or economic benefits for selected persons. These scams aim to take advantage of vulnerable people during the pandemic. Following the increase in employees working from home, there has been a rise in fake emails relying on social engineering to plant malware on company equipment.

Methodology

We wanted to find which countries lose the most money from cyber attacks, and have the highest cybercrime budgets. We sourced information from Business Korea, the Federal Bureau of Investigation, Markets Germany, OCCRP, Government of Canada, Computer Weekly, Boston Consulting Group, Reseller News, Australian Government, Global Risk Insights, Enisa, Iceland Monitor, Beobank, Poliisi, Police.uk, Irish Times, CompariTech, and International Trade Administration.

We compared this to each country’s Global Cybersecurity Index scores, sourced from ITU Publications.

We also wanted to find out the most common type of fraud around the world, using information from the Kroll Global Fraud and Risk Report 2019/20.

Additionally, we wanted to find out the effect of an economic recession on fraud, therefore sourced information from the ACFE – Occupational Fraud: A Study of the Impact of an Economic Recession, PWC – Fraud in a Downturn, and Fico.

All currencies were converted into USD using XE on 26/04/22. All information is sourced from the Federal Trade Commission.