Microsoft Researchers: Cyber Crime Losses Exaggerated

Image: Maksim Pasko

Reports of losses from cyber crimes gathered from surveys are greatly exaggerated and often based on unverified, self-reported numbers and skewed results, according to two Microsoft researchers.

In the “Sex, Lies and Cybercrime Surveys” report, Dinei Florencio and Cormac Herley say much of the information on cyber-crime losses comes from surveys, which often overlook the uneven distribution of cyber-crime victims among the populace, and rely on unverified self-reported numbers.

For example, a single individual who claims $50,000 losses, in an N = 1000 person survey, is all it takes to generate a $10 billion loss over the population, the researchers said. Similarly, one unverified claim of $7,500 in phishing losses translates into $1.5 billion, the researchers noted.

Another problem is that cyber-crime value estimates are often inconsistent. As example, the researchers cite the Federal Trade Commission, which in 2004 estimated identity theft at $47 billion, $15.6 billion in 2006, and $54 billion in 2008.

“Either there was a precipitous drop on 2006, or all of the estimates are extremely noisy,” the researchers said.

When surveying cyber-crime estimates, the researchers recommend having a representative sample, without too great of concentration, an adequate upper-tail sampling, and that outliers get checked for error or fabrication.

 

 

Filed in: Cyber Tags: , , , , , ,

You might like:

Microsoft, Xamarin Form Open Source Tech Alliance; Miguel de Icaza Comments Microsoft, Xamarin Form Open Source Tech Alliance; Miguel de Icaza Comments
Guy Churchward: EMC Unveils Software-Based Storage Protection Suite for Data Centers Guy Churchward: EMC Unveils Software-Based Storage Protection Suite for Data Centers
NC County Adopts Microsoft Cloud, Mobile Tools NC County Adopts Microsoft Cloud, Mobile Tools
Susie Adams: Microsoft Aims to Create Gov’t, Commercial Cloud ‘Equivalence’ Susie Adams: Microsoft Aims to Create Gov’t, Commercial Cloud ‘Equivalence’

Leave a Reply

Submit Comment

© 2014 ExecutiveBiz. All rights reserved.

A Digest of ExecutiveBiz's Daily Coverage of GovCon

  • Executive Analysis
  • Technology & Innovation
  • Business

Sign up for the ExecutiveBiz Digest