Lies, Damn Lies and Statistics
Friday, September 21st, 2007 at 1:40 pm by David DeWalt
As many of you may know, I was fortunate enough to address a crowd of some of the country’s top CIOs earlier this week at the InformationWeek 500 conference in Tucson, AZ.
During my speech, I discussed the alarming growth of cybercrime, and mentioned a statistic that shows that cybercrime is now outpacing the global drug industry in value.
This stat has created quite a buzz. For those of you who are interested in its source – click here for Reuters and here for CNN.
Clearly, placing a value on the size of the cybercrime economy is a real challenge. Even the Government Accountability Office recognized this in its June 2007 report, saying: “there remains a lack of understanding about the true magnitude of cybercrime and its impact because it is not always detected or reported.”
Let’s not lose sight of the main point. Cybercrime is becoming increasingly organized, targeting everyone from individuals to business to governments. This is a problem that needs to be addressed.
From individual action, to organizations securing their networks, and governments writing enforceable legislation to deter criminal behavior, this is an arms race and we need to stay ahead.
- Posted in CEO Perspectives
Both figures are complete bollocks, as it’s like estimating how many jelly beans are in a swimming pool. You can see a portion of the numbers, but your sample size is bound to be too small make an accurate figure.
[...] were the CNN article and a 2005 Reuters report that had also picked up the estimate. Mr. DeWalt wrote, “Clearly, placing a value on the size of the cybercrime economy is a real challenge,” [...]
Depends upon your definition of Cyber crime?
As the recent VeriSign / iDefense analysis on the Russian Business Network (RBN) showed – see: http://www.economist.com/displaystory.cfm?story_id=9723768 – just for one venture, Rock Phish, they netted $150 million in one year. As an example the RBN’s network, its affiliates, “free-hosting” sites, and associated businesses, the overall dollar value is much more substantial -see: http://en.wikipedia.org/wiki/Russian_Business_Network and http://rbnexploit.blogspot.com .
However, the RBN is one of the most obvious for quantification. If one was to include malware, spyware, spam, and general BadWare, which most end users who have been victims would definitely call – cyber-crime -. Therefore maybe the $105 billion quoted is an underestimate?
Mr DeWalt I think you made very valid points. Even if the numbers are half wrong, it is still astonishing that cyber crime is so lucrative. I blogged about your post and the stats you discuss. http://www.copiatech.com/lies-damn-lies-and-statisticsselling-drugs-has-competition/