Accurate measurement of cybercrime required to tackle growing problem, says Sophos
February 2011 by Sophos
The UK government has published a report into the cost of cybercrime, concluding that the overall cost to the UK economy from cybercrime is £27bn per year. However, the report does not provide extensive evidence of how this figure has been calculated.
The report breaks the figure of £27 billion down into different categories - indicating, for example, that £9.2 billion comes from theft of intellectual property (IP), and £7.6 billion is calculated for industrial espionage, while acknowledging that calculating these figures is ’complex’ because such incidents are typically not reported.
"If these kind of incidents are not being reported, then how have the figures been counted?" said Graham Cluley, senior technology consultant at Sophos. "Yes, IP theft and industrial espionage are real concerns for businesses, and cybercriminals are perfectly capable of engaging in them, but there needs to be a proper mechanism for reporting cybercrime - both for home users and businesses - before we can begin to whisk up grand totals like this."
The UK government report demonstrates that businesses need to take the threat from cybercrime seriously. In addition to spam and malware attacks, businesses need to be aware of the risk from cybercriminals gaining remote access to company systems, spying on sensitive activities and stealing information.
"Although I cast a querulous eyebrow at the statistics being given in the report, I strongly agree with its conclusion that a proper picture of cybercrime in the UK needs to be built up," continued Cluley. "An accurate measure of cybercrime is required in order to provide the proper support that computer users - in business and at home - need to defend against the threats. Once we know the true scale of the problem we can fund the computer crime authorities appropriately, and we can begin to measure if the UK’s attempts to fight the problem are really working or not."
For more information visit the Sophos Naked Security site at: