By Dr. Kevin Lau
Cybercrime is no longer a peripheral nuisance; it is a core threat to economic security, public trust, and personal well-being. Any serious response must therefore be uncompromising, sustained, and rooted in policy, law enforcement, and social resilience.
The scale of cybercrime is now large enough to distort the global economy. The Center for Strategic and International Studies, citing its research with McAfee, reported that close to USD600 billion is lost to cybercrime each year, almost 1% of global GDP. That figure is not merely a statistic; it is evidence that cybercrime has evolved into an industrialized criminal ecosystem that extracts value at scale from businesses, governments, and households. When losses reach this level, the issue ceases to be a technical problem and becomes a matter of national competitiveness and economic stability.
The pattern is even more alarming when one considers the trajectory. Hong Kong's official cybercrime guidance notes that computer-related crime cases rose from 4 in 1993 to 34,112 in 2023, showing how rapidly the threat has expanded in a digitally connected society. GovCERT.HK likewise reported 7,752 security cases handled in 2023, with phishing making up nearly half of them and identity-based incidents accounting for 64% of all incidents. These are not isolated anomalies; they reflect a crime model that scales faster than traditional enforcement structures can adapt.
The harm caused by cybercrime is often described in financial terms, but that captures only part of the damage. The United Nations Office on Drugs and Crime's cybercrime module states that interpersonal cybercrime can produce stress, fear, anxiety, depression, shame, reputational harm, and losses to dignity, autonomy, and privacy. It also notes that some victims have committed suicide in response to these crimes, underlining that the consequences can be irreversible. In other words, cybercrime is not victimless, and its effects can extend far beyond the theft of money or data.
This psychological dimension should change how policymakers frame the issue. A fraudulent message, an impersonated account, or a leaked image can shatter a person's sense of safety in ways that are difficult to repair. For businesses, the damage may include operational paralysis, legal exposure, reputational loss, and a lasting erosion of customer confidence. For individuals, the burden may be prolonged anxiety, social withdrawal, and the costly work of rebuilding digital identity and trust.
Because cybercrime is borderless, fast-moving, and often anonymized, complacency is not an option. Criminal networks exploit encryption, stolen credentials, and cross-jurisdictional gaps, while victims are asked to respond with slower tools built for an earlier era. That imbalance is exactly why enforcement must be decisive: stronger investigation capacity, faster information sharing, better digital forensics, and closer cooperation among police, regulators, banks, and platform operators. Without these measures, offenders will continue to treat low risk and high reward as an open invitation.
Prevention is equally important, but it should not be mistaken for a substitute for enforcement. Public education, stronger authentication, timely patching, and robust incident reporting are essential, and Hong Kong government guidance explicitly recommends measures such as strong passwords, updated security patches, and cautious handling of personal information. Yet prevention works best when it is backed by credible consequences for offenders and a system capable of tracing, freezing, and recovering illicit gains. A modern anti-cybercrime policy must therefore combine deterrence with resilience.
A credible strategy should rest on four pillars. First, law enforcement must be equipped with specialist talent, modern investigative tools, and sustained training, because cybercrime requires technical expertise rather than generic policing alone. Second, the financial sector and digital platforms must be treated as front-line partners, since many scams rely on rapid money movement and account takeover. Third, cross-border cooperation must be accelerated, because criminals operate internationally while victims remain local. Fourth, public awareness must be continuous, not episodic, since even sophisticated systems fail when users are deceived by phishing or impersonation.
Governments should also move from reactive enforcement to proactive disruption. That means targeting infrastructure used for fraud, accelerating takedowns of malicious domains, and improving the ability to trace assets and preserve evidence before it disappears. At the same time, legal frameworks should keep pace with emerging threats such as identity abuse, deepfakes, and AI-assisted deception, which make fraud more scalable and harder to detect. The goal is not only to punish offenders after the fact, but to reduce the profitability of cybercrime itself.
To take cybercrime seriously is to recognize that digital security is now public security. The benefits of the internet depend on trust, and trust collapses when citizens and firms feel permanently exposed. That is why the fight against cybercrime must be relentless, well-resourced, and coordinated across the entire system. Anything less would leave families, businesses, and public institutions to bear costs that are entirely preventable.
The author is Founding Convenor of the Hong Kong Global Youth Professional Advocacy Action, a specialist in radiology, Master of Public Administration, Master of Public Health of the University of Hong Kong, and an adviser of the Our Hong Kong Foundation.
The author is Founding Convenor of the Hong Kong Global Youth Professional Advocacy Action, a specialist in radiology, Master of Public Administration of the University of Hong Kong, Master of Public Health of the University of Hong Kong, and an adviser of the Our Hong Kong Foundation.
The views do not necessarily reflect those of DotDotNews.
Read more articles by Kevin Lau:
Opinion | Swift correction marks mature governance: Lessons from Hong Kong's seatbelt regulation
Opinion | Forging peace: Drawing future strength from HK's war history
Opinion | Hong Kong Government Departments unite in swift response to Wang Fuk Court Fire
Comment