Cybercrime Classification and Measurement

Cybercrime poses serious threats and financial costs to individuals and businesses in the United States and worldwide. Reports of data breaches and ransomware attacks on governments and businesses have become common, as have incidents against individuals (e.g., identity theft, online stalking, and harassment). Concern over cybercrime has increased as the internet has become a ubiquitous part of modern life. However, comprehensive, consistent, and reliable data and metrics on cybercrime still do not exist - a consequence of a shortage of vital information resulting from the decentralized nature of relevant data collection at the national level.

Cybercrime Classification and Measurement addresses the absence credible cybercrime data and metrics. This report provides a taxonomy for the Federal Bureau of Investigation for the purpose of measuring different types of cybercrime, including both cyber-enabled and cyber-dependent crimes faced by individuals and businesses, and considers the needs for its periodic revision. This report was mandated by the 2022 Better Cybercrime Metrics Act (BCMA).