The White House released on Friday a report that found that the economic costs of "malicious cyber activity" in 2016 were between $57 billion and $109 billion dollars. The estimate comes in a Council of Economic Advisers report on the impact of cyber attacks on US government and industry. The report details the range of threats that US entities face from actors, including corporations and countries such as Russia, China, Iran and North Korea. "Cyber threats are ever-evolving and may come from sophisticated adversaries," the CEA said in its report. "Due to common vulnerabilities, instances of security breaches occur across firms and in patterns that are difficult to anticipate." The CEA’s estimate represents between 0.31 percent and 0.58 percent of the 2016 US GDP. For comparison, the report cites a Center for Strategic and International Studies report that estimated the cost of malicious cyber activities against US entities at $107 billion in 2013, 0.64 percent of GDP that year. The industries making up the largest shares of GDP also saw the highest shares of security breaches in 2016, according to the report. This includes manufacturing, government, healthcare and finance. The finance sector had the highest breaches of all industries, with 471 in 2016. The report also notes that because big cyber attacks could create knock-on effects throughout the economy, individual private firms are incentivized to “rationally underinvest in cybersecurity” relative to the collective threat it poses. The report concluded that better data and more cooperation "across firms and between the public and private sectors" are required to protect against such attacks. That was also one of the takeaways from top intelligence officials at a Hill hearing on global threats earlier this week. By better data, the report means more sharing of data on breaches across firms and with the government. The lack of data, the report said, is largely because of the "strong disincentive" to report "negative news."