BBC News - Anti-cyber threat centre launched

Richard Clayton richard at highwayman.com
Thu Mar 28 12:41:03 GMT 2013 

In article <F6FD81DC-6A74-48F8-B3D0-F56C23E01C9B at batten.eu.org>, Ian
Batten <igb at batten.eu.org> writes

>    http://www.bbc.co.uk/news/uk-21945702
>
>    I'm really sceptical about this sort of story.  Incredible (in 
>    every sense) claims are made as to the cost of cyber-crime, but 
>    there doesn't seem to be any evidence for it.  

there is evidence of the cost of cybercrime... but the numbers are small
compared with the billions (or trillion) often put forward:

      http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf

our comment on this specific topic, after we'd reviewed the (lack of)
evidence for the cost of cyber-espionage

      A third part is the claim that $2.2bn per annum is lost to
      extortion, with the comment that 'we believe this type of
      cybercrime goes largely unreported'. This is a very old and
      persistent claim made by security salesmen. One of us (Anderson)
      recalls working for a bank a quarter century ago and hearing it;
      even when it was truthfully denied, the salesmen persisted "we
      know it happens but you're not allowed to tell anyone" until
      escorted to the door for impertinence. Extortion does occasionally
      happen -- there was a widely reported case in 2004 when DDoS was
      used against online casinos and $4m was paid before the gang was
      arrested [39] { but like kidnapping, extortion is a hard crime to
      get away with, as money-laundering isn't trivial when the sender
      of the funds wishes to track down the recipient and has the active
      collaboration of the police.

      In sum, because there is no reliable evidence of the extent or
      cost of industrial cyber-espionage and extortion, we do not
      include any figures for these crimes in our estimates.

      [39] John Leyden. Russian bookmaker hackers jailed for eight
      years. http://www.theregister.co.uk/2006/10/04/russian_bookmaker_h
      ackers_jailed/, 2006.

-- 
richard                                              Richard Clayton

They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety.         Benjamin Franklin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 185 bytes
Desc: not available
URL: <http://www.chiark.greenend.org.uk/pipermail/ukcrypto/attachments/20130328/a583f451/attachment.pgp>

More information about the ukcrypto mailing list