Aug
14
Filed Under:
ALERTS
The Real Cost of Cybercrime
14 August 2008
Analysts estimated for the companies worldwide billions and billions of yearly losses in terms of infrastructure and productivity expenses.
Several weeks ago I published a small overview of the e-mail spam which concluded with the costs behind this kind of activity. Analysts estimated for the companies worldwide billions and billions of yearly losses in terms of infrastructure and productivity expenses.
Because spamming is just one of those many types of cybercrime, the figures are probably multiplying with each and every other e-threat, whether we talk about phishing, ID theft, scams, viruses, worms, Trojans, botnets, rootkits, or any other malware. Of course, the numbers run well for the business tier, especially since corporations and organizations have the means to statistically pull together facts and figures.
But what about the other costs which are even more tangible, but also more difficult to catch in a chart? What about the hours an ordinary user spends deleting each spam or removing the malware affecting his or her home computer? Or the phishing scheme that ruins family savings? Or the energy and resources the authorities deploy for pursuing and apprehending cybercriminals around the globe? Or the years a felon spends in jail for hacking a computer or counterfeiting software? And the list of questions could go on and on and on…
This dark side, usually escaping diagrams and statistics, is to be found in another place, like news bulletins or newspapers. For instance, one of the most recent actions of FBI and Romanian authorities led to the arrest of a group of 21 cybercriminals involved in a massive e-commerce and auction scams, identity theft and credit card frauds. Seeking to obtain sensitive personal information, these criminals launched several e-mail spam campaigns. Afterwards, using the stolen identities, they posted selling announces (for fictional goods) on e-commerce Web sites, such as eBay™ and Craiglist™. The mischievous group (which included a 17 year old member) raise up to € 400,000 before was seized.
While some fraudsters apply intricate types of schemes, such as the one I previously described, usually aiming to trick unaware users and empty their accounts, other felons prefer to obtain illicit gains by hacking systems. Last month, Yang Litao was sentenced to serve two years in jail after hacking the Red Cross Web site. The 23 year old man attempted to redirect the money donated for the Sichuan earthquake casualties, while also infecting the servers with a virus he purposely crafted.
But perhaps the most shocking case refers to Eddie Davidson, the ‘Colorado Spam King’, who killed himself and his family. Davidson was sentenced to serve 21 months and pay a $ 714,139 in restitution to the IRS for earning more than $ 3 million from e-mail spam promoting penny stocks. He managed to escape after having served five weeks of his sentence; four days later, he shot his wife and their 3 year old daughter, and wounded a teen-age girl before turning the gun on himself.
The analysts would probably say that behind each and every cybercrime there is a venture seeking to gain some profit. If so, where should we place the real costs – like those from the three examples previously depicted – when running the total balance?
Because spamming is just one of those many types of cybercrime, the figures are probably multiplying with each and every other e-threat, whether we talk about phishing, ID theft, scams, viruses, worms, Trojans, botnets, rootkits, or any other malware. Of course, the numbers run well for the business tier, especially since corporations and organizations have the means to statistically pull together facts and figures.
But what about the other costs which are even more tangible, but also more difficult to catch in a chart? What about the hours an ordinary user spends deleting each spam or removing the malware affecting his or her home computer? Or the phishing scheme that ruins family savings? Or the energy and resources the authorities deploy for pursuing and apprehending cybercriminals around the globe? Or the years a felon spends in jail for hacking a computer or counterfeiting software? And the list of questions could go on and on and on…
This dark side, usually escaping diagrams and statistics, is to be found in another place, like news bulletins or newspapers. For instance, one of the most recent actions of FBI and Romanian authorities led to the arrest of a group of 21 cybercriminals involved in a massive e-commerce and auction scams, identity theft and credit card frauds. Seeking to obtain sensitive personal information, these criminals launched several e-mail spam campaigns. Afterwards, using the stolen identities, they posted selling announces (for fictional goods) on e-commerce Web sites, such as eBay™ and Craiglist™. The mischievous group (which included a 17 year old member) raise up to € 400,000 before was seized.
While some fraudsters apply intricate types of schemes, such as the one I previously described, usually aiming to trick unaware users and empty their accounts, other felons prefer to obtain illicit gains by hacking systems. Last month, Yang Litao was sentenced to serve two years in jail after hacking the Red Cross Web site. The 23 year old man attempted to redirect the money donated for the Sichuan earthquake casualties, while also infecting the servers with a virus he purposely crafted.
But perhaps the most shocking case refers to Eddie Davidson, the ‘Colorado Spam King’, who killed himself and his family. Davidson was sentenced to serve 21 months and pay a $ 714,139 in restitution to the IRS for earning more than $ 3 million from e-mail spam promoting penny stocks. He managed to escape after having served five weeks of his sentence; four days later, he shot his wife and their 3 year old daughter, and wounded a teen-age girl before turning the gun on himself.
The analysts would probably say that behind each and every cybercrime there is a venture seeking to gain some profit. If so, where should we place the real costs – like those from the three examples previously depicted – when running the total balance?
Copyright 2011. Site powered by Bitdefender