The threat from cybercrime? 'You ain't seen nothing yet'

Cyber security hacking
Peter Cade | Iconica | Getty Images

Combating cybercrime will become an uphill struggle, with the tools needed to commit technological crimes readily available to anyone armed with a computer and a few dollars, experts told CNBC.

According to numbers collated by the Center for Strategic and International Studies, the United Nations Office on Drugs and Crime and antivirus firm Norton, cybercrime is worth around $400 billion annually. Cybercrime can range from data mining and individual fraud, to industrial and state-sponsored espionage. Worryingly, "cybercrime as-a-service" is also a growing phenomenon, where anyone can buy hacking or malware software online.

(View more: The world's most lucrative criminal activities)

"Now, everybody can be a hacker," Troels Oerting, head of the European Cybercrime Centre, told CNBC on Tuesday. "You don't need to be tech-savvy or to have a special education, you can simply just download a program…With the increasing number of people on the internet – which is set to reach 4 billion in a short amount of time – we will see much, much more crime and it will be facilitated by these cybercrime-as-a-service producers."

The cyber security market is worth around $60 billion a year and is growing around 8 percent a year as more people try to combat cybercrime. However, Raj Samani, the chief technology officer of McAfee EMEA, agreed with Oerting that the rapid evolution and commodification of cybercrime meant that it still posed a great threat.

"The previous view of a hacker was a technical genius, but today all you need is $3, access to an online auction, and then you can go out and buy half a million email addresses, or bring down a website. So really, one of the biggest challenges we're facing as an industry is how the bar has been set so much lower," Samani told CNBC.

(Read more: Global drugs trade 'as strong as ever' as fight fails)

According to research by PricewaterhouseCoopers (PwC), which has researched corporate cybercrime since the 1990s, security breaches at large companies cost between £450,000 ($697,000) and £850,000 ($1.3 billion) on average, in 2013. For a small business, a breach could cost anything between £35,000 and £65,000.

"It really is a professional, industrialized, distributed industry," Andrew Miller, director of information security of PwC, told CNBC. "Organizations or criminal individuals can go to a variety of places and source the components for a sophisticated attack."

Oerting added that cybercrime was challenging to police, as it eroded the usual link between the perpetrator and the crime scene.

(Read more: The evolution of the drugs trade)

"I can be in a basement in Africa and actually attack thousands of millions of people in many, many countries without even travelling and that is a huge challenge for the police to see if we can handle that threat," he said.

PwC's research suggested that of those companies reporting cybercrime, there had been a 50 percent increase in security breaches from 2012, with half of those breeches by internal users. However, only 11 percent of the attacks were malicious.

"What we've seen is a stabilization for attacks for large organizations, but in the small company arena we've seen quite a big jump, from 76 to 87 percent of respondents being attacked," Miller said. "Larger organizations are beginning to put in the controls to protect themselves, while smaller ones don't necessarily have the risk assessment or the funding to put it all in place, so attackers naturally swing from one set of targets to the next."

Oerting warned: "If we can get on top of it, I think humanity will survive the internet but it will be a very, very bumpy road towards that goal. We can reach it, but right now we're still in its infancy and you ain't seen nothing yet,"

-By CNBC's Holly Ellyatt, follow her on Twitter @HollyEllyatt