Not much is currently known about the true cost of computer crime, but more research is being done in this field. Not only does it cost the victim(s), but it also surprisingly costs software vendors whose vulnerabilities are exploited. This could provide these vendors with an incentive to produce more secure code. It could also give temptation to not disclosing the vulnerability - however, it is normal for software vendors to disclose a vulnerability as soon as they have developed a patch to fix it.

It has been analyzed that announcing a vulnerability caused an average 0.6% fall in its stock price, or an $860 million fall in the company's value (we're talking about large software vendors such as MS, Cisco, IBM, Red Hat).

Internet companies are not immune from financial loss, either. A 3-hour DoS attack against Yahoo in early 2000 saw the company lose 6 million unique visitors and an estimated $250,000 in revenue.