Facebook Google Menu Linkedin lock Pinterest Search Twitter

Advertisement

Uncategorized

Sep 30, 2013

Awkward silence greets the falling cost of cybercrime

While governments hype the cost of cybercrime, the data contradicts them -- and even IT companies are pulling back on their claims.

User login status :

Share

Quick quiz: is the cost of cybercrime going up or down?

Up, you say? Up rapidly? Isn’t it one of the fastest growing crimes?

Let’s test that. In mid-June, while most of us were preoccupied with other matters, the Australian Institute of Criminology released a report on online fraud, the latest instalment of an annual series. The report was based on a survey of more than 1500 people and covered various types of online fraud to which people had been subjected, and how much it cost them.

You’re unlikely to have heard of the report — it got minimal media coverage. For one thing, it came out at the same time as the Australian Competition and Consumer Commission put out a similar, but wider, report on the cost of scams both online and off. But for those of us with an interest in cybercrime, it had some interesting data.

According to the report, the median cost of cybercrime to consumers in 2012 fell, and fell a lot. In the 2011 report, the median cost to consumers who had fallen victim to online fraud of any kind was $700. In 2012 it was $500. That’s a nearly 30% fall in the cost of cybercrime in one year.

A one-off? Well, in 2010, the median had been $1065, although the sample size that year was small. Even so, in two years the cost of cybercrime had fallen by more than half. If you go back further, to 2008, the median cost was $1500, although again that was a small sample size.

Other data backs this up. The ACCC’s report on scams, the one that got all the attention, showed that since 2011 victims of scams of scams (online and off) were reporting lower levels of losses. The ACCC explained this as crooks shifting to “high volume scams” where they seek smaller amounts of money but from more people. Either way, the ACCC insisted, the costs were merely the “tip of the iceberg”.

But the trend is clear — after years of governments and IT security corporations telling us that online fraud is one of our fastest growing crimes and inflicting massive costs on the community, the data demonstrates exactly the opposite.

Even IT security companies, once the source of the most ludicrously over the top claims about the cost of cybercrime, are backtracking. In August, McAfee, one of the biggest of them all, apologised for and walked away from the nonsensical claim it had issued in 2012 that cybercrime cost $1 trillion (yes, trillion) a year globally — a claim that was mocked the moment it was issued.

That sheer implausibility of McAfee’s original claim didn’t stop the head of the National Security Agency from invoking it to justify more money and legislative power for cyberdefence. As we now know, of course, the NSA’s General Keith B Alexander was and is presiding over a vast cybercrime operation of his own.

McAfee’s backtrack is reminiscent of what happened when Greens senator Scott Ludlam asked the then-government to justify the claims of then-PM Julia Gillard about the cost of cybercrime when she announced the establishment of the Australian Cyber Security Centre in January. Busted using a discredited figure to justify establishing what, in the end, amounted to little more than a co-ordination body, Gillard’s department blamed the Australian Federal Police.

There’s been an uncannily similar moment in the UK recently. In 2011, a company issued a cybercrime cost considered even by the IT security industry as far too high. When a Cameron government minister used the figure and was subsequently asked to explain it, Cameron’s own department admitted earlier this year they hadn’t bothered checking it.

Both Gillard’s use of a dodgy cybercrime figure and more particularly Keith Alexander’s use of the McAfee claim to bolster the case for more money and power for the NSA demonstrates the direct link between the relentless hyping of cybercrime and government agencies extending their powers and deploying them against their citizens (or “adversaries” as the NSA calls them). This is a neat trick that the mainstream media falls for all the time.

No wonder the Institute of Criminology report vanished without trace.

Bernard Keane — Politics Editor

Bernard Keane

Politics Editor

Bernard Keane is Crikey’s political editor. Before that he was Crikey’s Canberra press gallery correspondent, covering politics, national security and economics.

Get a free trial to post comments
More from Bernard Keane

Advertisement

We recommend

From around the web

Powered by Taboola

3 comments

Leave a comment

3 thoughts on “Awkward silence greets the falling cost of cybercrime

  1. Hang on. The median cost PER VICTIM says nothing about the total cost. It could be going up, down, or sideways – you just can’t tell without information about movement (or lack of movement) in the incidence of cyber crime.