Centenial Celebration

Transaction Search Form: please type in any of the fields below.

Date: April 30, 2024 Tue

Time: 3:07 am

Results for computer crime (u.k.)

2 results found

Author: Anderson, Ross

Title: Measuring the Cost of Cybercrime

Summary: In this paper we present what we believe to be the rst systematic study of the costs of cybercrime. It was prepared in response to a request from the UK Ministry of Defence following scepticism that previous studies had hyped the problem. For each of the main categories of cybercrime we set out what is and is not known of the direct costs, indirect costs and defence costs { both to the UK and to the world as a whole. We distinguish carefully between traditional crimes that are now `cyber' because they are conducted online (such as tax and welfare fraud); transitional crimes whose modus operandi has changed substantially as a result of the move online (such as credit card fraud); new crimes that owe their existence to the Internet; and what we might call platform crimes such as the provision of botnets which facilitate other crimes rather than being used to extract money from victims directly. As far as direct costs are concerned, we nd that traditional o ences such as tax and welfare fraud cost the typical citizen in the low hundreds of pounds/Euros/dollars a year; transitional frauds cost a few pounds/Euros/dollars; while the new computer crimes cost in the tens of pence/cents. However, the indirect costs and defence costs are much higher for transitional and new crimes. For the former they may be roughly comparable to what the criminals earn, while for the latter they may be an order of magnitude more. As a striking example, the botnet behind a third of the spam sent in 2010 earned its owners around US$2.7m, while worldwide expenditures on spam prevention probably exceeded a billion dollars. We are extremely inecient at ghting cybercrime; or to put it another way, cybercrooks are like terrorists or metal thieves in that their activities impose disproportionate costs on society. Some of the reasons for this are well-known: cybercrimes are global and have strong externalities, while traditional crimes such as burglary and car theft are local, and the associated equilibria have emerged after many years of optimisation. As for the more direct question of what should be done, our gures suggest that we should spend less in anticipation of cybercrime (on antivirus, rewalls, etc.) and more in response { that is, on the prosaic business of hunting down cyber-criminals and throwing them in jail.

Details: Berlin: Workshop on the Economics of Information Security, 2012. 31p.

Source: Conference Report: Internet Resource: Accessed August 14, 2012 at http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf

Year: 2012

Country: United Kingdom

URL: http://weis2012.econinfosec.org/papers/Anderson_WEIS2012.pdf

Shelf Number: 126027

Keywords:
Computer Crime (U.K.)
Costs of Crime (U.K.)
Cybercrimes (U.K.)
Internet Crimes (U.K.)

Author: Levi, Michael

Title: eCrime Reduction Partnership Mapping Study

Summary: High quality data on eCrimes are hard to find, both nationally and internationally. This makes rational policy decisions for both public and private sectors – which anyway are interdependent in both directions – even more difficult than they would otherwise be, as nation states grapple falteringly with transnational crimes and with transnational legal processes, priorities and scarce resources. • The majority of eCrime data collection practices adopt sub-standard methodologies that produce a very partial picture of the problem. Large government surveys, such as the Crime Survey for England and Wales (formerly the British Crime Survey), the Offending, Crime and Justice Survey and Commercial Victimisation Survey only intermittently include questions that relate directly to eCrimes, though the CSEW and the Scottish Crime and Justice Survey have looked regularly at card and identity crimes, and fear of them, and have found that identity thefts arouse more concern than do other crimes. Identity thefts can occur offline, but it seems plausible that when responding, people will be thinking about online data ‘theft’ from hacking or social engineering. eCrime questions in European surveys, such as the Community Surveys on ICT Usage, have been found to be unreliable. Vendor sources, such as private security surveys, are often based on breach data identified by vendor software, resulting in partial datasets. Official criminal justice related datasets rely on both reported and officially recorded incidents of eCrimes, while even good administrative data in the private sector (e.g. UK Payments, CIFAS Fraud Prevention Service) cannot avoid excluding unidentified eFrauds (for example in the large category of ‘bad debt’). In the UK only the Oxford Internet Surveys and the Information Security Breaches Survey (pre-2010) produce eCrimes data that are of gold-standard methodologically: however neither of them survey or estimate direct or indirect economic losses from eCrimes. • The introduction of security breach notification requirements to some UK public and private sector organisations in May 20111 may provide a more robust evidence base on eCrimes breaches. It is however too early to assess the quality of this new data stream that is only recently under the coordination of the Office of Communications (Ofcom) and the Information Commissioner’s Office (ICO). • Based on the best data available, an upward trend is evident for both domestic and business related eCrimes. The Information Security Breaches Survey (2010) indicates a sharp upward trend in all business eCrimes compared to 2008 data. While less extreme, the upward trend in domestic data as recorded by the Oxford Internet Survey (2011) applies to all eCrimes other than obscenity. • Independent of actual levels of fraud, there is high public anxiety about eCrimes, and such anxieties require ‘reassurance policing’ that contains both real responses to experienced crimes and a range of public and third party measures to guide sound as well as just profitable risk-reduction practices.

Details: Cardiff, Wales: Cardiff Centre for Crime, Law and Justice Cardiff School of Social Sciences, 2012. 85p.

Source: Iinternet Resource: Accessed November 28, 2012 at: http://dpalliance.org.uk/wp-content/uploads/2012/09/20120910-eCrime_Reduction_Partnership_Mapping_Study.pdf

Year: 2012

Country: United Kingdom

URL: http://dpalliance.org.uk/wp-content/uploads/2012/09/20120910-eCrime_Reduction_Partnership_Mapping_Study.pdf

Shelf Number: 127027

Keywords:
Computer Crime (U.K.)
Computer Fraud
Crime Surveys
Identity Theft
Victimization Surveys
White-Collar Crime