I was just reading this about people claiming the amount of global cybercrime outstripped the international drug trade by $1T against $400Bn. As the reporter pointed out, do they expect us to believe that the global cybercrime trade is higher than Saudi Arabias annual domestic product of $555Bn from 2007. As if.
What particularly troubled me was the comment by security firm Finjan about justifying the touting of these numbers: "In our Q1 2009 report on cybercrime, for example, we revealed that one single rogueware network are raking in $10,800 a day, or $39.42 million a year," it said. "If you extrapolate those figures across the many thousands of cybercrime operations that exist on the Internet at any given time, the results easily reach a trillion dollars."
Can anyone else see the problem here? These people are supposed to be experts and not even their statistics make any sense. I am not a statistician or an economist but let us expose the error in their logic.
1) The example they used of a company taking in $11K per day would not have been making this every day for a year. They would more than likely either been tracked down and shut down or their source of revenue would have dried up as virus-checkers are updated or stolen credit card details are blocked.
2) This example of a company would be at the high end of cybercrime. Most people who write worms either don't make any money or certainly not as much as they might want and certainly not $11 per day. How many people would really make that much in a day amongst the 'many thousands of operations'? Not many!
So the evidence that was probably "company X made $11K in a day last year" becomes "every cybercrime company makes $11K every day of every year" it has been multiplied by 365 and then by thousands. To think these people probably get paid!!
No comments:
Post a Comment