Microsoft Researchers: Cyber Crime Losses Exaggerated

Image: Maksim Pasko

Reports of losses from cyber crimes gathered from surveys are greatly exaggerated and often based on unverified, self-reported numbers and skewed results, according to two Microsoft researchers.

In the “Sex, Lies and Cybercrime Surveys” report, Dinei Florencio and Cormac Herley say much of the information on cyber-crime losses comes from surveys, which often overlook the uneven distribution of cyber-crime victims among the populace, and rely on unverified self-reported numbers.

For example, a single individual who claims $50,000 losses, in an N = 1000 person survey, is all it takes to generate a $10 billion loss over the population, the researchers said. Similarly, one unverified claim of $7,500 in phishing losses translates into $1.5 billion, the researchers noted.

Another problem is that cyber-crime value estimates are often inconsistent. As example, the researchers cite the Federal Trade Commission, which in 2004 estimated identity theft at $47 billion, $15.6 billion in 2006, and $54 billion in 2008.

“Either there was a precipitous drop on 2006, or all of the estimates are extremely noisy,” the researchers said.

When surveying cyber-crime estimates, the researchers recommend having a representative sample, without too great of concentration, an adequate upper-tail sampling, and that outliers get checked for error or fabrication.

 

 

Share this story...Tweet about this on Twitter0Share on LinkedIn0Share on Facebook0Share on Google+0Email this to someone
Filed in: Cyber Tags: , , , , , ,

You might like:

FireEye’s Kevin Mandia: New Mandiant Report Details Cyber Threat Trends, Tactics FireEye’s Kevin Mandia: New Mandiant Report Details Cyber Threat Trends, Tactics
Research and Markets: Mobile Data Protection Market to Reach $3B by 2019 Research and Markets: Mobile Data Protection Market to Reach $3B by 2019
Microsoft to Help NASA Scientists Work on Mars with Virtual Tech; Dave Lavery Comments Microsoft to Help NASA Scientists Work on Mars with Virtual Tech; Dave Lavery Comments
Intergraph to Deploy Law Enforcement Tech on Microsoft Azure Gov’t Cloud; David McDonald Comments Intergraph to Deploy Law Enforcement Tech on Microsoft Azure Gov’t Cloud; David McDonald Comments
© 2015 ExecutiveBiz. All rights reserved.